Security features

SonarQube Community Build comes with a number of global security features.

SonarQube Community Build comes with a number of global security features:

On-board authentication and authorization mechanisms.
The ability to force users to authenticate before they can see any part of a SonarQube instance.
The ability to delegate to authentication.

Additionally, it’s possible to configure at a group or user level who can:

See that a project even exists.
Access a project’s source code.
Administer a project (set exclusion patterns, tune plugin configuration for that project, etc.).
Administer Quality Profiles, Quality Gates, and the SonarQube instance itself.

Another aspect of security is the encryption of settings such as passwords. SonarQube Community Build provides a built-in mechanism to encrypt settings.

See:

User accounts
Managing groups
Managing permissions
Setting project permissions
Sensitive settings

PreviousNotifications NextHousekeeping

Last updated 2 months ago

Was this helpful?