Azure SAML SSO Authentication for SonarQube Login Page Looping

  • Community Edition Version 9.7.1
  • Azure SSO for SonarQube using SAML

Hey thanks for reading in!

I am having issues when configuring the SonarQube SAML Authentication with the Azure IDP.

After configuring the Azure Enterprise Application and SonarQube with the below settings, the SonarQube SAML login page loops and does NOT authenticate users into the application.

I have the users explicitly assigned to the application in the Enterprise Application and the user accounts are NOT created in SonarQube.

I have been spinning my wheels here and I could use any assistance here. Let me know your thoughts!

Identifier (Entity ID) → Application ID
Certificate (Base64) → Identity provider certificate

image

Hi,

What happens when you click the ‘Test configuration’ button?

 
Ann

When clicking Test Configuration, the page is redirected to the error page " The page you were looking for does not exist.". See screenshot

The user account does not redirect to the SAML login page and keeps the current account logged in.
image

I just had this very same issue. If you are doing SSL via IIS, take a look at this post. There are more steps needed in the reverse proxy setup not in the documentation.

1 Like

Yes, I have validated that we have Application Request Routing in place with the below setting configured. We also have the URL Rewrites in place as well.

After testing the configuration with setting, we are redirected to our SAML login page, but now there is a rewrite issue with the localhost. We has also changed the redirects to point to back our sonarqube.DOMAIN.com as the reason stated, but with this change the application begins to loop again.

image

Hi @deantrey.loche,

Have you configured your Server base URL?

 
Ann

To confirm, you did these steps in addition to the ones listed in the documentation?

1 Like

Yes the Server base URL is configured both in Azure AD Enterprise Applications, as well as in SonarQube → Administration → SAML → Application ID. Should Server base URL be configured anywhere else?

Yes, all steps have been completed following SonarQube Users: Let's talk about IIS and SAML Authentication!.

image

We are now being taken to the Microsoft login page, but after authentication we are facing the issue mentioned below.

image

Have you set the Server Base URL in Administration → General → Server base URL? After updating, cycle the SonarQube service.

Yes, the Server Base URL has been set for the application. The Server Base URL was set prior to any SSO configurations.

The error seems to indicate something is not correct in your reverse proxy setup. Can you compare that your web.config found in the IIS physical path (inetpub according the docs) looks like this?

After looking at the web.config file, everything looks the same.