Make sure to tell us:
- What version are you upgrading from?8.9 LTS to 9.9 LTS
- What’s the issue you’re facing? SAML authentication
- System information: I am upgrading from Sonarqube 8.9 LTS to 9.9 LTS. The application is containerized as a docker image and ran on an ECS Fargate Cluster. This application also runs a PostgreSQL database of version 15.3 in the backend. In my case, both the application and database are been upgraded in this process from 8.9 LTS to 9.9 LTS and from 13.8 PostgreSQL to 15.3. However, after upgrading the application, I can not login into the 9.9 LTS version application with SAML authentication. The button do exists, but whenever I am trying to login, I get an error saying “You’re not authorized to access this page. please contact the administrator”.Reason: Invalid issuer in the Assertion/Response. Was ‘https://sts.windows.net/xxxxxxxxx/’, but expected ‘https://sts.windows.net/xxxxxxxxx’. "
Now from the reason, I see that the only difference in these two urls is the extra “/” at the end. This url is the value of the sonar.auth.saml.providerId. This value is passed as an environment variable to the application container. These values are also reflected in the database which I logged into and double checked the sonar.auth.saml.providerId but did not have an extra “/”.
Although I can not login via SAML, I can login with admin credentials. The app seems to be upgraded and all but other users can not login. I am wondering what may be causing the issue with the SAML authentication. I would appreciate some sort of solution or insights.