-
which versions are you using:
SonarQube 9.9.1-enterprise -
how is SonarQube deployed:
Azure App Service (Docker) -
what are you trying to achieve:
Link Sonarqube with Github trough OIDC. The running App Service Instance of Sonarqube is accessed trough a DNS that is routed over Azure FrontDoor. On the FrontDoor the WAF manages policies of azure are active. Once these policies are active, the login on sonarqube is not possible anymore with github unless I deactivate the policies again.
Error: “You are not authorized to view this page. Please contact Administrator.”
Looks like the active policies block the protocol or some header values that are used for the exchange between sonar and github.
I’m using the Azure Default Rule Set 2.0.
- what have you tried so far to achieve this:
I tried disabling one by one of the azure managed policies to see which one causes the issue, and could get steps further. But it kept blocking parts in later stages.
Do you have any recommendation for such scenario and can help me find the policies that are causing this issue?