SQ Official Doc Link: https://docs.sonarqube.org/display/SONAR/Authentication
The first question to answer when setting the security strategy for SonarQube is: can anonymous users browse the SonarQube instance, or is authentication required?
To force user authentication, log in as a system administrator, go to Administration > Configuration > General Settings > Security, and set the Force user authentication property to true. To allow users to sign up for a SonarQube account, set the Allow users to sign up property to true.
Authentication Mechanisms
Authentication can be managed through a number of mechanisms:
- Via the SonarQube built-in users/groups database
- Via external identity providers such as an LDAP server (including the LDAP service of Active Directory), GitHub, etc. See the Authentication & Authorization section of the Plugin Library.
- Via HTTP headers: see SONAR-5430 (User authentication by HTTP header, closed).
This can be enabled in sonar.properties (property sonar.sso.enable). Refer to your reverse proxy documentation for guidance on how to set and forward the appropriate headers.
Technical Users
When you create a user in SonarQube's own database, it is considered local and will only be authenticated against SonarQube's own user/group database rather than against any external tool (LDAP, Active Directory, Crowd, etc.). By default, admin is a local account.
Similarly, all non-local accounts will be authenticated only against the external tool.
An Administrator can manage tokens on a user's behalf via Administration > Security > Users. From here, click in the user's Tokens column to see the user's existing tokens, and either revoke existing tokens or generate new ones. Once established, a token is the only credential needed to run an analysis. Pass it as the value to the sonar.login property.
Default Admin Credentials
When installing SonarQube, a default user with Administer System permission is created automatically:
- Login: admin
- Password: admin
FAQ
I lost the admin password
If you have lost the admin password of your SonarQube instance, you can reset it by executing the following query:
update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'admin'
This will reset the password to admin.
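An added example (not from the SonarQube documentation or code base): a small audit over the settings and the users table discussed on this page. It flags anonymous access, self sign-up, HTTP header authentication, and any account still holding the hash/salt pair from the reset query above. The setting keys sonar.forceAuthentication and sonar.allowUsersToSignUp are assumed names for the two UI properties, and the in-memory SQLite table and the sample settings are constructed.

```python
import sqlite3

# Hash/salt pair published in the FAQ reset query; an account holding it has password "admin".
RESET_HASH = "88c991e39bb88b94178123a849606905ebf440f5"
RESET_SALT = "6522f3c5007ae910ad690bb1bdbf264a34884c6d"

def parse_properties(text):
    """Parse key=value lines (sonar.properties style), skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def is_true(settings, key):
    return settings.get(key, "false").lower() == "true"

def audit(settings, conn):
    """Return findings for the authentication settings and accounts this page covers."""
    findings = []
    # Assumed keys for the two UI properties; sonar.sso.enable is the name the page gives.
    if not is_true(settings, "sonar.forceAuthentication"):
        findings.append("anonymous browsing allowed (Force user authentication is not true)")
    if is_true(settings, "sonar.allowUsersToSignUp"):
        findings.append("self sign-up enabled (Allow users to sign up is true)")
    if is_true(settings, "sonar.sso.enable"):
        findings.append("header authentication on: expose the server only via the reverse proxy")
    query = "SELECT login FROM users WHERE crypted_password = ? AND salt = ? ORDER BY login"
    for (login,) in conn.execute(query, (RESET_HASH, RESET_SALT)):
        findings.append(f"account '{login}' holds the published reset hash (password is admin)")
    return findings

def build_sample_db():
    """Constructed stand-in for the users table; admin is as the FAQ reset leaves it."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login TEXT, crypted_password TEXT, salt TEXT)")
    rows = [("admin", RESET_HASH, RESET_SALT),
            ("ci-bot", "constructed-hash", "constructed-salt")]
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", rows)
    return conn

# Constructed sample settings, not taken from a real instance.
SAMPLE_SETTINGS = parse_properties("""
sonar.forceAuthentication=false
sonar.allowUsersToSignUp=true
sonar.sso.enable=true
""")
```

Calling audit(SAMPLE_SETTINGS, build_sample_db()) returns four findings; once the admin password is changed after a reset, the account finding disappears.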