Hello,
We are having random issue when some users are getting 500 Error upon login.
Once they get this error, there is no way to fix it, other than deleting their AD account in SQ and create a local one instead. From out POV, it affects users randomly, who were able to access the site before.
which versions are you using: We are using SonarQube Server, running on a hyper-v vm, with IIS providing web functionality, version Enterprise Edition
v2025.1 (102418) / Community Build, Scanner, Plugin, and any relevant extension)
how is SonarQube deployed: Zip installation
what are you trying to achieve: Provide access to affected users on a more reliable basis and avoid this issue in future
what have you tried so far to achieve this: Server restart, app pool recycle, web browser cache purge
I am not sure which part of the logs to provide, but this is what I was able to find myself:
2025.04.01 12:23:09 ERROR web[][o.s.s.p.w.RootFilter] Processing of request / failed
java.lang.IllegalArgumentException: A user with login 'mriabukh' already exists
at com.google.common.base.Preconditions.checkArgument(Preconditions.java:218)
at org.sonar.server.user.UserUpdater.checkLoginUniqueness(UserUpdater.java:421)
at org.sonar.server.user.UserUpdater.createDto(UserUpdater.java:155)
at org.sonar.server.user.UserUpdater.createAndCommit(UserUpdater.java:93)
at org.sonar.server.authentication.UserRegistrarImpl.registerNewUser(UserRegistrarImpl.java:171)
at org.sonar.server.authentication.UserRegistrarImpl.register(UserRegistrarImpl.java:84)
at org.sonar.server.authentication.HttpHeadersAuthentication.doAuthenticate(HttpHeadersAuthentication.java:165)
at org.sonar.server.authentication.HttpHeadersAuthentication.doAuthenticate(HttpHeadersAuthentication.java:134)
at org.sonar.server.authentication.HttpHeadersAuthentication.authenticate(HttpHeadersAuthentication.java:111)
at org.sonar.server.authentication.RequestAuthenticatorImpl.loadUser(RequestAuthenticatorImpl.java:84)
at org.sonar.server.authentication.RequestAuthenticatorImpl.authenticate(RequestAuthenticatorImpl.java:68)
at org.sonar.server.authentication.UserSessionInitializer.loadUserSession(UserSessionInitializer.java:133)
at org.sonar.server.authentication.UserSessionInitializer.initUserSession(UserSessionInitializer.java:108)
at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:82)
at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.CspFilter.doFilter(CspFilter.java:67)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:60)
at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:47)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:56)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.EndpointPathFilter.doFilter(EndpointPathFilter.java:47)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:65)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:115)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:268)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Thread.java:833)
Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!
Could you enable DEBUG server logging briefly (those logs get big, fast) and have an affected user try to log in to see if we get anything more in the logs? You can set the log level on the Administration → System page without needing to restart.
Hello Ann,
Once again, thank you for your time with this.
Here are debug logs.
Best Regards,
Mikhail R.
2025.04.04 11:51:14 INFO web[fede4003-e197-41e8-9526-2f4de35c236d][o.s.s.l.ServerLogging] Level of logs changed to DEBUG
2025.04.04 11:51:14 DEBUG web[2eb83948-450c-4e7d-96cd-631b93f2c66c][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|127.0.0.1:49728][login|admin]
2025.04.04 11:51:22 ERROR web[][o.s.s.p.w.RootFilter] Processing of request / failed
java.lang.IllegalArgumentException: A user with login 'mriabukh' already exists
at com.google.common.base.Preconditions.checkArgument(Preconditions.java:218)
at org.sonar.server.user.UserUpdater.checkLoginUniqueness(UserUpdater.java:421)
at org.sonar.server.user.UserUpdater.createDto(UserUpdater.java:155)
at org.sonar.server.user.UserUpdater.createAndCommit(UserUpdater.java:93)
at org.sonar.server.authentication.UserRegistrarImpl.registerNewUser(UserRegistrarImpl.java:171)
at org.sonar.server.authentication.UserRegistrarImpl.register(UserRegistrarImpl.java:84)
at org.sonar.server.authentication.HttpHeadersAuthentication.doAuthenticate(HttpHeadersAuthentication.java:165)
at org.sonar.server.authentication.HttpHeadersAuthentication.doAuthenticate(HttpHeadersAuthentication.java:134)
at org.sonar.server.authentication.HttpHeadersAuthentication.authenticate(HttpHeadersAuthentication.java:111)
at org.sonar.server.authentication.RequestAuthenticatorImpl.loadUser(RequestAuthenticatorImpl.java:84)
at org.sonar.server.authentication.RequestAuthenticatorImpl.authenticate(RequestAuthenticatorImpl.java:68)
at org.sonar.server.authentication.UserSessionInitializer.loadUserSession(UserSessionInitializer.java:133)
at org.sonar.server.authentication.UserSessionInitializer.initUserSession(UserSessionInitializer.java:108)
at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:82)
at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.CspFilter.doFilter(CspFilter.java:67)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:60)
at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:47)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:56)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.EndpointPathFilter.doFilter(EndpointPathFilter.java:47)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:65)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:115)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:268)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Thread.java:833)
2025.04.04 11:51:26 DEBUG web[63db8523-5f44-4fc9-87e1-c5caa9bd382b][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:26 DEBUG web[d89306b0-7b64-431d-9e2f-1feb0b9013d8][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|10.1.233.76|][login|sdemid]
2025.04.04 11:51:26 DEBUG web[9173b24f-ab35-4012-ab1f-e01ea6c82b74][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:26 DEBUG web[761743b6-f3c9-45bb-9f1a-945b914aa626][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:26 DEBUG web[c23294f2-1d97-4b4a-a4c8-6fbfb36daaef][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:26 DEBUG web[9775e826-41fc-4b81-bb46-55a8279e2545][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:26 DEBUG web[df8a0e0e-01bc-4083-b695-95531118a39c][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:26 DEBUG web[f2a2e552-cbba-4fff-bbd2-6aa3a9dfba9e][auth.event] login success [method|SONARQUBE_TOKEN][provider|LOCAL|local][IP|127.0.0.2|10.1.206.164:53225][login|admin]
2025.04.04 11:51:29 DEBUG web[][c.z.h.p.HikariPool] HikariPool-1 - Before cleanup stats (total=10/60, idle=10/10, active=0, waiting=0)
2025.04.04 11:51:29 DEBUG web[][c.z.h.p.HikariPool] HikariPool-1 - After cleanup stats (total=10/60, idle=10/10, active=0, waiting=0)
2025.04.04 11:51:29 DEBUG web[][c.z.h.p.HikariPool] HikariPool-1 - Fill pool skipped, pool has sufficient level or currently being filled.
2025.04.04 11:51:30 DEBUG web[][c.z.h.p.HikariPool] HikariPool-1 - keepalive: connection ConnectionID:11779 ClientConnectionId: 96711a82-6028-4dbc-b122-eb35ffb5fe51 is alive
2025.04.04 11:51:34 INFO web[f980ebeb-76b8-4694-8ed3-d6c6928ddacc][o.s.s.l.ServerLogging] Level of logs changed to INFO
Hello Ann,
Should we go for trace level of logging?
Also, what would be the best way to “delete” affected account from the SQ? I mean, I know I can deactivate it. However, deactivation is not the same as deleting.
And removing personal information does not make me think it would be “deleted”. Or would it? Thing is, I am concerned, that we would not be able to recreate it, since access is granted via AD groups.
I want to test, if “deleting” the account and creating it again would fix that behavior.
