AzureAD SAML authentication: "You're not autherized to access this page"

squser1 · February 9, 2023, 8:01am

Environment:

SonarQube Community Edition version 9.7.1 (build 62043)
We’re using the SonarQubes Docker image and Azure Container Instance
In front of the Container we have an Azure Application Gateway.
The AGW listen on a public DNS name
The Container has a private IP address

I’ve configured SAML authentication via Azure AD according to this guide: SonarQube

When I test the function via the “Test configuration” button it works fine.

But when I go to the site via the Application Gateway I get this error:

Colin · February 10, 2023, 9:13am

Hey there.

This user faced a similar issue with Azure Application Gateway

I believe they solved it by making sure the hostname was picked up from the backend address (Azure Application Gateway HTTP settings configuration | Microsoft Learn). You might also find the documentation on Host name preservation useful.

Make sure you upgrade to SonarQube v9.9 LTS soon, not only to benefit from our Best LTS Ever™, but because soon we will systematically ask users to upgrade when they ask questions about earlier versions of SonarQube, which are now considered unsupported.

squser1 · February 13, 2023, 12:12pm

Thank you for your answer and pointing me in the right direction.
The solution for me was to change the HTTP Settings in the Application Gateway.
The setting “Pick host name from backend target” didn’t do anything - instead I kept the value “Override with specific domain name” and changed the value for “Host name” from the private IP address to the public DNS name.

system · February 20, 2023, 12:12pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.