cloudogu / sonar-cas-plugin

CAS Authentication support for SonarQube

Fix error 'Could not create cookie. Context path must not be empty… #24

Closed solosky closed 4 years ago

solosky commented 4 years ago

Hi there,

I really like the sonar plugin and it helps us a lot. Thank you very much for contributing such a great plugin. BTW, I have fixed some bugs, hope it could make life better.

  1. Fix error 'Could not create cookie. Context path must not be empty.' when context path is unset or set to '/'
  2. Do not update user group when group attribute is not returned by CAS server
  3. version upgrade to 2.0.2

ppxl commented 4 years ago

Hey @solosky, thank you so much for your contribution! I am glad to hear that this plug-in is helpful.

In order to know our audience better and provide even better software, do you mind telling me how this plug-in is used?

  1. In which context do you use this plug-in? For example, running a single sonar instance or within a Cloudogu EcoSystem?
  2. Under which circumstances is the context path unset?
  3. Under which circumstances is the group attribute empty?

That would help to understand your use-case (and hopefully those of others). I will look into the changes soon and let you know.

solosky commented 4 years ago

Hi @ppxl,

Thank you for your time.

In which context do you use this plug-in? For example, running a single sonar instance or within a Cloudogu EcoSystem?

I am working in a small team; we have Apereo CAS for Single Sign On of all development support systems, like GitLab, Confluence etc., and Sonar for source code audit. We are trying to integrate SSO on Sonar using the Sonar CAS Plugin; it seems your work is the best option and works well after I fixed some minor issues. We are only running a single Sonar instance currently.

Under which circumstances is the context path unset?

We configured Sonar with the ROOT (/) context and created a dedicated domain like https://sonar.xxxx.com to access the Sonar web portal. It's very neat because there is no need to input a web context after the domain. It worked well before I set up the CAS plugin. After configuring the CAS plugin properly according to the document, Sonar said "Could not create cookie. Context path must not be empty" in the log, which made the integration fail.

Under which circumstances is the group attribute empty?

As I mentioned above, we have CAS connected to a Microsoft Active Directory to do authentication for all systems, and we do not configure roles/groups in AD, which is very reasonable, because user roles in every system are different and cannot be categorized into unified groups or roles. We configure groups/roles in every system rather than in AD.

ppxl commented 4 years ago

Thank you for providing insights into how you use our plug-in. I figure there are some more of such gotchas. I try to keep my eyes open about such configurations :)
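
The two fixes listed in the first comment (a root context path and a group attribute that CAS does not return), sketched as an added Java example that is not part of this thread and not the plugin's own code. The class and method names, the `groups` attribute name and the sample values are assumptions, as is the choice to treat a released but empty attribute as "no groups".

```java
import java.util.*;

// Added illustration: class and method names are hypothetical, not taken from sonar-cas-plugin.
public class CasLoginDefaults {

    // A root deployment reports its context path as "" (or is configured as "/");
    // a cookie Path must never be empty, so both cases map to "/".
    static String cookiePath(String contextPath) {
        if (contextPath == null || contextPath.isBlank() || contextPath.equals("/")) {
            return "/";
        }
        String path = contextPath.startsWith("/") ? contextPath : "/" + contextPath;
        return path.endsWith("/") ? path.substring(0, path.length() - 1) : path;
    }

    // Optional.empty() means CAS made no statement about groups,
    // so groups managed locally in SonarQube are left untouched.
    static Optional<Set<String>> groupsToSync(Map<String, List<String>> casAttributes,
                                              String groupAttribute) {
        List<String> values = casAttributes.get(groupAttribute);
        if (values == null) {
            return Optional.empty();
        }
        Set<String> groups = new TreeSet<>();
        for (String value : values) {
            if (value != null && !value.isBlank()) {
                groups.add(value.trim());
            }
        }
        // Assumption: an attribute that is released but empty means "no groups".
        return Optional.of(groups);
    }

    public static void main(String[] args) {
        // Constructed inputs: context paths of a root and a sub-path deployment.
        for (String ctx : new String[] {"", "/", "/sonar", "sonar/"}) {
            System.out.println("contextPath='" + ctx + "' -> cookie Path=" + cookiePath(ctx));
        }
        // Constructed CAS attribute sets: one without a group attribute, one with.
        Map<String, List<String>> noGroups = Map.of("mail", List.of("dev@example.org"));
        Map<String, List<String>> withGroups =
                Map.of("groups", List.of("sonar-users", " sonar-administrators "));
        System.out.println("no attribute -> " + groupsToSync(noGroups, "groups"));
        System.out.println("attribute    -> " + groupsToSync(withGroups, "groups"));
    }
}
```

Keeping "attribute absent" separate from "attribute present" matters for authorization: overwriting groups on every login when CAS sends none would silently strip permissions assigned inside SonarQube.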