Security features

SonarQube Community Build comes with a number of global security features.

SonarQube Community Build comes with a number of global security features:

  • On-board authentication and authorization mechanisms.

  • The ability to force users to authenticate before they can see any part of a SonarQube instance.

  • The ability to delegate to authentication.

Additionally, it’s possible to configure at a group or user level who can:

  • See that a project even exists.

  • Access a project’s source code.

  • Administer a project (set exclusion patterns, tune plugin configuration for that project, etc.).

  • Administer Quality Profiles, Quality Gates, and the SonarQube instance itself.

Another aspect of security is the encryption of settings such as passwords. SonarQube Community Build provides a built-in mechanism to encrypt settings.

See:

Last updated

Was this helpful?