As usual sonar administrator must create users to assign tasks and collaborations. Sonar provide LDAP plugin which enables the delegation of Sonar authentication to an external system. Currently LDAP plugin supports LDAP and Active directory. In our corporation we are using active directory and first of all i tried to configure the LADP plugin. LDAP plugin wiki fully describes the installation of the plugin with LDAP system but poorly with AD. With some effort with my boss we were able to configure the plugin with our AD system. Follows i am sharing the configuration:
#------------------- # Sonar LDAP Plugin #------------------- # IMPORTANT : before activation, make sure that one Sonar administrator is defined in the external system # Activates the plugin. Leave blank or comment out to use default sonar authentication. sonar.authenticator.class: org.sonar.plugins.ldap.LdapAuthenticator # Ignore failure at startup if the connection to external system is refused. # Users can browse sonar but not log in as long as the connection fails. # When set to true, Sonar will not start if connection to external system fails. # Default is false. #sonar.authenticator.ignoreStartupFailure: true # Automatically create users (available since Sonar 2.0). # When set to true, user will be created after successful authentication, if doesn't exists. # The default group affected to new users can be defined online, in Sonar general settings. The default value is "sonar-users". # Default is false. #sonar.authenticator.createUsers: true # (omit if you use autodiscovery) URL of the LDAP server. # If you are using ldaps, then you should install server certificate into java truststore. # eg. ldap://localhost:10389 ldap.url: ldap://mycompany.com # (optional) Distinguished Name (DN) of the root node in LDAP from which to search for users, # eg. “ou=users,o=mycompany” ldap.baseDn: dc=mycompany,dc=com # (optional) Bind DN is the username of an LDAP user to connect (or bind) with. # This is a Distinguished Name of a user who has administrative rights, # eg. “cn=sonar,ou=users,o=mycompany”. Leave blank for anonymous access to the LDAP directory. ldap.bindDn: ADADMIN # (optional) Bind Password is the password of the user to connect with. # Leave blank for anonymous access to the LDAP directory. ldap.bindPassword: ADADMIN_PASSWORD # Login Attribute is the attribute in LDAP holding the user’s login. # Default is ‘uid’. Set ’sAMAccountName’ for Microsoft Active Directory ldap.loginAttribute: sAMAccountName # Object class of LDAP users. # Default is 'inetOrgPerson'. Set ‘user’ for Microsoft Active Directory. ldap.userObjectClass: user # (advanced option) See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html # Default is 'simple'. Possible values: 'simple', 'CRAM-MD5', 'DIGEST-MD5', 'GSSAPI'. ldap.authentication: simple # (advanced option) # See # http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html # http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html # eg. example.org #ldap.realm: # (advanced option) Context factory class. # Default is 'com.sun.jndi.ldap.LdapCtxFactory'. #ldap.contextFactoryClass: com.sun.jndi.ldap.LdapCtxFactoryConfiguration may vary on your AD system, strongly guess system administrator may help in this issue.
For now in the time of the authentication, Sonar will ignore the password from it's own system and delegate the username and password to the active directory for authentication. Also sonar administrator must configure the role for each user independently.
After installing plugin we are ready to go for code review. On the violations tab we should see the review link as follows:
One shortage of the sonar code review is the lack of notification, when any comment or task assign to the users. I believe that, in future release sonar will add this notification functionality in code review.