application link to sonar not working for auth

Hilal Emeksiz May 20, 2018

 

Hello

Bitbucket and sonar in our environment use the same ldap group, so i set up the integration in order to use auth,  according to this link  ,

By testing with a restricted user account, (user that does not have Access to a specific Project (java in my case) in bitbucket),  the user was able to browse analyses belonging to that repo in sonar server.  Am I missing something?

 

Things i had done:

I was able to create the application  link , creating rsa key-pair etc.

the informations while creating the link:


application name:
sonaroauth

application type
generic application

service provider name
oauth

consumer key
sonaroauth

shared secret
sonaroauth

Request Token URL:
 http://gbsnqt01.fw.garanti.com.tr:9000/plugins/servlet/oauth/request-token
Access Token URL:
http://gbsnqt01.fw.garanti.com.tr:9000/plugins/servlet/oauth/access-token
Authorize URL:
http://gbsnqt01.fw.garanti.com.tr:9000/plugins/servlet/oauth/authorize

consumer key
gbsnqt

consumer name
sonartest

consumer callback url
http://gbsnqt01.fw.garanti.com.tr:9000/oauth2/callback

 

 

 I installed the sonar_auth_ bitbucket_plugin, to sonar  instance,

made the settings as shown in the pictures,

 

sonar_security_settings_1.pngsonar_security_settings_2.png

 

 

 

 

 

 

 

 

1 comment

dan lim May 20, 2018

Sorry I posted at wrong article, but i can't remove it.

Sorry for your inconvenience.

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events