I have configured Keycloak for Sonarqube 9.0 via the in-built SAML-plugin.
Keycloak and Sonarqube are both connected to the same ActiveDirectory.
While logging-on via Keycloak, the userdata (userid and emailaddress) is recognized by Sonarqube, but Sonarqube is not able to relate it to the username as present in AD.
For instance: The username is NL22109 (as present in AD), after logging in to Sonarqube, Sonarqube creates (if it’s the first time) a new user NL2210970378 with my correct first name and surname; the avatar shows an ‘N’. But it is seen as a new user which is not in AD, so it is not added to the correct groups. Even the ‘old’ user with which I used to login with oldfashioned uid/pwd continues to exist next to it.
In Keycloak I had to create two Mappers (login and Name), the username which is defined in ‘Name’ is responsible for the passing of the involved username, while if I replace it by email and I login with Keycloak, Sonarqube creates (if it’s the first time) a new user firstname.lastname@example.org with my correct first name and surname; the avatar shows an ‘A’. Also this user is not recognized as a user which is present in AD.
I have two questions:
- I am wandering if the cause is in Keycloak or Sonarqube
- Does anybody know how to solve this?