SonarQube: How to configure fallback authentication when using Crowd

Question

Sonar supports fallback to the built-in authentication when using LDAP authentication. I expect the same to work for Crowd but somehow this does not seem to be the case. Is this a bug or do I miss some setting?

Answer 1

Look at the logs - is there an uncaught exception being thrown for failed Crowd authentication attempts? The CrowdAuthenticator may need to be fixed to catch them to and return false rather than propagating.

SONAR-3138 appears to have implemented general fallback for all external authentication providers, although there was a fix required for the LDAP provider to allow fallback to work. Assuming you're using sonar-crowd-plugin's CrowdAuthenticator.java it's possible that a similar bug remains in the Crowd authenticator.

Edit: the LDAP authenticator also has a full SecurityRealm. This may be necessary to get the fallback behaviour when a user doesn't pass authentication.