When it comes to writing code, we all know how important it is to write maintainable, clean, and bug-free code. And while talking about bug-free code, the first name that comes to mind is SonarQube. SonarQube is a renowned open-source platform that provides a static code analysis tool. It does continuous code inspection, provides code insight, and guides the developers on how to write clean and secure code.
User and Permission management is always a concern for enterprises after they deploy applications like SonarQube. Enterprises need to manage access to such applications to allow specific users with being secure. In SonarQube, to make this process easy and more secure, miniOrange has released a SonarQube SAML Single Sign On (SSO) plugin with the feature-set that most enterprises require.
Atlassian Crowd is a powerful tool that enables users to create sessions for multiple Atlassian products like Jira, Confluence, Bitbucket, etc. The Crowd is a centralized identity for access management application that manages the users from various directories like Active Directory, LDAP, Open LDAP, Microsoft Azure Active Directory for connected applications.
The enterprises that use the Crowd for managing users and their permissions are also looking to delegate user authentication to central IDP (Identity Provider) for better security and seamless access for all the Crowd-connected applications. miniOrange provides an out-of-the-box Crowd Connector solution that supports this use case for Atlassian applications like Jira, Confluence, Bitbucket, Bamboo and Fisheye. Now the question is, would you be able to take the same benefits for Non-Atlassian apps like SonarQube?
Yes, it is possible! miniOrange is introducing a Crowd-connector solution for SonarQube so that you can take real advantage of Single Sign-On. Now, your users will be able to access all Atlassian apps as well as SonarQube using the same IDP session.
We have a SonarQube Crowd SSO Connector capable of creating user sessions by reading the Crowd session. So like any other Atlassian applications such as Jira, Confluence, and Bitbucket, you can manage groups and permissions from the Crowd. You can authenticate to the Crowd using the miniOrange’s Crowd SAML SSO plugin. And with the help of this plugin, you can invoke SSO from SonarQube itself. You do not need to log in to the Crowd explicitly.
Crowd SAML SSO Plugin acts as a SAML Service Provider and enables trust with Identity Providers. Crowd SAML SSO plugin takes care of the SAML Request, SAML response, and user session management at the Crowd end. Once the Crowd session is created, the SonarQube Crowd Connector plugin reads the session and gets the user logged into SonarQube.
Here, IDP authenticates the user while Crowd still manages users and their groups (permissions) for all other connected applications. With this flow, end-users will experience a seamless login and won't notice that the SSO request and response passes through the Crowd Server.
Let us understand the Workflow!
Don’t have a Crowd Directory? No worries! We have an alternative solution where you can use dedicated SAML SSO plugins for Atlassian and Non Atlassian Apps like Jira, Confluence, Bitbucket and SonarQube and configure it directly with central IDP.
What do you think of this solution? Do you think this would help to centralize authentication for your users? Let us know in the comments.
Shradha KambleMarketplace Partner
Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events