Hello
Bitbucket and sonar in our environment use the same ldap group, so i set up the integration in order to use auth, according to this link ,
By testing with a restricted user account, (user that does not have Access to a specific Project (java in my case) in bitbucket), the user was able to browse analyses belonging to that repo in sonar server. Am I missing something?
Things i had done:
I was able to create the application link , creating rsa key-pair etc.
the informations while creating the link:
application name:
sonaroauth
application type
generic application
service provider name
oauth
consumer key
sonaroauth
shared secret
sonaroauth
Request Token URL:
http://gbsnqt01.fw.garanti.com.tr:9000/plugins/servlet/oauth/request-token
Access Token URL:
http://gbsnqt01.fw.garanti.com.tr:9000/plugins/servlet/oauth/access-token
Authorize URL:
http://gbsnqt01.fw.garanti.com.tr:9000/plugins/servlet/oauth/authorize
consumer key
gbsnqt
consumer name
sonartest
consumer callback url
http://gbsnqt01.fw.garanti.com.tr:9000/oauth2/callback
I installed the sonar_auth_ bitbucket_plugin, to sonar instance,
made the settings as shown in the pictures,