SQ Official Doc Link: https://docs.sonarqube.org/display/SONAR/Security
Table of Contents
SonarQube는 보안 관련 설정(인증(authentication) + 권한(authorization))을 관리할 수 있는 완전한 메커니즘을 기본 지원합니다. 보안 설정을 통해 다음의 두 가지 경우에 대비할 수 있습니다:
- 적절한 컴포넌트 및 정보 등에 대한 접근 권한을 관리
- 사용자를 위한 SonarQube 커스터마이제이션 활성화 (알림 관리 등)
SonarQube의 보안 설정을 통해 아래와 같은 보안상 제약 사항을 설정할 수 있습니다:
- Secure a SonarQube instance by forcing authentication prior to accessing any page
- Make a given project invisible to anonymous users
- Restrict access to a project to a given group of users
- Restrict access to a project's source code to a given set of users
- Define who can administer a project (setting exclusion patterns, tuning plugins configuration for that project, etc.)
- Define who can administer a SonarQube instance
For detailed explanations on how to configure the built-in security mechanism, browse Authentication and Authorization.
Authentication and authorization can also be delegated to an external system:
- LDAP or Active Directory - SonarQube LDAP Plugin
- PAM - SonarQube PAM Plugin
- Crowd - SonarQube Crowd Plugin
- GitHub - GitHub Authentication Plugin
- Bitbucket - Bitbucket Authentication Plugin
- Third-party proxies in front of the server via HTTP headers.
Another aspect of security is the encryption of settings such as passwords. SonarQube provides a built-in mechanism to encrypt settings.
