diff options
| author | Aurelien Poscia <aurelien.poscia@sonarsource.com> | 2022-04-05 09:21:17 +0200 |
|---|---|---|
| committer | sonartech <sonartech@sonarsource.com> | 2022-04-08 20:02:59 +0000 |
| commit | 6cf2f8c54aa88ebc327a8f8881f42c38c104915b (patch) | |
| tree | db68bbbeb0ef27c4b78d52c96b5027c5425e7472 | |
| parent | 9b9839ecdef529f37a09ff5855babf20eea90075 (diff) | |
| download | sonarqube-6cf2f8c54aa88ebc327a8f8881f42c38c104915b.tar.gz sonarqube-6cf2f8c54aa88ebc327a8f8881f42c38c104915b.zip | |
NO-JIRA upgrade keycloak container to version 17
| -rw-r--r-- | .cirrus.yml | 7 | ||||
| -rw-r--r-- | server/sonar-docs/src/pages/instance-administration/delegated-auth.md | 8 |
2 files changed, 8 insertions, 7 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index ec8aa9bf568..513720b5d16 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -447,13 +447,14 @@ qa_saml_task: memory: 10Gb additional_containers: - name: keycloak - image: jboss/keycloak:16.1.1 + image: quay.io/keycloak/keycloak:17.0.1 port: 8080 cpu: 1 memory: 1Gb + command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth" env: - KEYCLOAK_USER: admin - KEYCLOAK_PASSWORD: admin + KEYCLOAK_ADMIN: admin + KEYCLOAK_ADMIN_PASSWORD: admin env: QA_CATEGORY: SAML script: diff --git a/server/sonar-docs/src/pages/instance-administration/delegated-auth.md b/server/sonar-docs/src/pages/instance-administration/delegated-auth.md index adefd75290e..26d5d029cba 100644 --- a/server/sonar-docs/src/pages/instance-administration/delegated-auth.md +++ b/server/sonar-docs/src/pages/instance-administration/delegated-auth.md @@ -57,10 +57,10 @@ The following example may be useful if you're using Keycloak as a SAML Identity | | Configure the new client | -| 1. in Settings +| 1. In Settings | 1. Set"Client Signature Required" to OFF | 1. Set "Valid Redirect URIs" to "<Your SonarQube URL>/oauth2/callback/*, E.G https://sonarqube.mycompany.com/oauth2/callback/saml -| 1. in Client Scopes > Default Client Scopes , remove "role_list" from "Assigned Default Client Scopes" (to prevent the error `com.onelogin.saml2.exception.ValidationError: Found an Attribute element with duplicated Name` during authentication) +| 1. In Client Scopes > Default Client Scopes , remove "role_list" from "Assigned Default Client Scopes" (to prevent the error `com.onelogin.saml2.exception.ValidationError: Found an Attribute element with duplicated Name` during authentication) | 1. In Mappers create a mapper for each user attribute (Note that values provided below for Name, SAML Attribute Name, Role Attribute Name are only example values): | 1. Create a mapper for the login: | * Name: Login @@ -70,7 +70,7 @@ The following example may be useful if you're using Keycloak as a SAML Identity | 1. Create a mapper for the name: | * Name: Name | * Mapper Type: User Property -| * User Attribute: Username (It can also be another attribute you would previously have specified for the users) +| * Property: Username (It can also be another attribute you would previously have specified for the users) | * SAML Attribute Name: name | 1. (Optional) Create a mapper for the email: | * Name: Email @@ -89,7 +89,7 @@ The following example may be useful if you're using Keycloak as a SAML Identity | * Single Role Attribute: ON | * Full Group Path: OFF | -| Download the XML configuration file from Keycloak. +| 1. In Realm Settings > General > Endpoints, click on "SAML 2.0 Identify Provider Metadata" to obtain the XML configuration file from Keycloak. [[collapse]] | ## In SonarQube, Configure SAML authentication |