- Sonarqube version 9.9
- Deployed using a zip file
- Running on Windows Server 2016 Datacenter
- Using IIS as the Reverse Proxy
We are currently attempting to integrate our Sonarqube and F5 SAML. Our Sonarqube deployment is running on Windows Server 2016 with IIS doing the Reverse proxy to port 443. We followed the IIS configuration in the Operating the server documentation. When enabling SAML we are getting the following error message
You’re not authorized to access this page. Please contact the administrator.
Reason: The response was received at http://sonarqube.domain.com/oauth2/callback/saml instead of https://sonarqube.domain.com/oauth2/callback/saml
I found the following article which shows the same error message SonarQube Users: Let's talk about IIS and SAML Authentication! however after following the steps we still get the same error.
One thing I noticed between the two articles is the header forwarder. In the “Operating the server” article it has you set it as " X_FORWARDED_PROTO" and in the “sonarqube-users-lets-talk-about-iis-and-saml-authentication” it has you set the header with “HTTP_X_FORWARDED_PROTO”. I attempted to make the change however I get a 500-page error when doing so. Is having the “HTTP” required to make SAML redirect correctly? If so can someone help identify why I am getting a 500 error when adding it in?