vaulttec/sonar-auth-oidc

Login always auto generated on 8.0

Closed this issue · 6 comments

In SonarQube version 8.0 the login property is restricted for internal use only, causing the login from the auth provider to be disregarded.

https://github.com/SonarSource/sonarqube/blob/eacba88db0a44e34156e9e31d315ef31d61e726a/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/UserIdentity.java#L166

gboor commented

Is this why, when I try to log in using my OIDC provider, I just get a page saying "you are not authorized" or something along those lines? And the user does not get created?

If this fixes that, then I would like to see it merged sooner rather than later. Right now, this plugin is useless to me if I cannot have it create users.

gboor commented

I just tried pre-creating a user and then logging that user in through OIDC, but I still get the "you are not authorized" page - it appears as if this entire plugin is broken until this MR is merged.

Can someone please give this some attention? @tjuerge

> Is this why, when I try to log in using my OIDC provider, I just get a page saying "you are not authorized" or something along those lines? And the user does not get created?
>
> If this fixes that, then I would like to see it merged sooner rather than later. Right now, this plugin is useless to me if I cannot have it create users.

Exactly, you get the "you are not authorized" error.

Some technical details can be found in the SonarQube 8.1 Jira ticket SONAR-12475, "Drop login generation strategy when using an Identity Provider".

This SonarQube API change brings a challenge to the user's SCM account - it defaults to the auto-generated SonarQube user login and can't be changed by the user.

Btw. the reasoning behind the change SONAR-12475, "Drop login generation strategy when using an Identity Provider", introduced in SQ 8.1 can be found in the SQ community forum entry "User login not deterministic after update to 8.1 with SAML authentication":

> The reason why logins are now automatically generated is that in case multiple ALMs are used, we want to prevent any situation where 2 identical logins could be generated.
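
The collision that the forum quote above describes, as an added example that is not code from SonarQube or from this plugin: a simplified model of a user store keyed by the provider-supplied login next to one keyed by the provider identity with a server-generated login. The class names, provider keys, external ids and the suffix scheme are assumptions made for the illustration.

```python
import secrets


class LoginKeyedStore:
    """Account is looked up by the login string the identity provider sends."""

    def __init__(self):
        self.users = {}

    def authenticate(self, provider, external_id, login):
        user = self.users.setdefault(login, {"login": login, "identities": []})
        user["identities"].append((provider, external_id))
        return user


class IdentityKeyedStore:
    """Account is looked up by (provider, external id); the server picks the login."""

    def __init__(self):
        self.by_identity = {}
        self.logins = set()

    def _generate_login(self, hint):
        # Constructed scheme: hint plus random suffix, retried until unused.
        while True:
            candidate = f"{hint}-{secrets.randbelow(100000):05d}"
            if candidate not in self.logins:
                self.logins.add(candidate)
                return candidate

    def authenticate(self, provider, external_id, login_hint):
        key = (provider, external_id)
        if key not in self.by_identity:
            self.by_identity[key] = {"login": self._generate_login(login_hint),
                                     "identities": [key]}
        return self.by_identity[key]


def sign_in_both(store):
    """Two different people, same login string, two providers (constructed data)."""
    first = store.authenticate("github", "gh-1001", "jdoe")
    second = store.authenticate("oidc", "sub-7f3a", "jdoe")
    return first, second


if __name__ == "__main__":
    for store in (LoginKeyedStore(), IdentityKeyedStore()):
        a, b = sign_in_both(store)
        print(type(store).__name__, "same account:", a is b, a["login"], b["login"])
```

In the second store the login no longer equals the login string the provider sent, which is the behaviour this issue reports.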