I know this post is a bit old now, but I had the same problem. To find the solution, I had to boost the logging level with sonar.log.level=DEBUG, which gave:
2025.01.09 16:35:58 DEBUG web[cda59c34-3671-4050-8023-d053c57032ec][auth.event] login failure [cause|Wrong CSFR in request][method|JWT][provider|LOCAL|local][IP|127.0.0.1|W.X.Y.Z][login|AXRF8TGs-xVU5gF5PNVG]
That lead to Wrong CSFR in request - #3 by sergiomontesa. My problem and solution matched exactly, as I front-end SonarQube with Apache, and I have Security Compliance controls that want to modify the cookies. Removing the HttpOnly fixes this problem.