HTTP Headers authentication encoding issue

Hello,

I’m facing an encoding issue with HTTP Headers authentication. You will noticed that my first name is François with a nice “ç”. I wonder how sonarqube is reading the HTTP Headers and what are the supported encoding format. How to write the header (define in the property “sonar.web.sso.nameHeader”) to let sonarqube read it properly ?

Bonjour François,

Normally, the Tomcat server makes sure everything is UTF-8 encoded. However, there are cases where the payload may get double-encoded. In your case, if you can set the HTTP request headers’ encoding to ISO-8859-1, it should work.

POC, where I configured a NginX as a reverse proxy, and hard-coded the headers (encoded in ISO-8859-1):

server {
    listen       80;
    listen  [::]:80;
    server_name  localhost;

    location / {
        proxy_set_header X-Forwarded-Login "admin";
        proxy_set_header X-Forwarded-Name "François";
        proxy_set_header X-Forwarded-Email "admin@admin.com";
        proxy_pass http://localhost:9000;
    }
}

On SonarQube:

Screenshot 2021-01-08 at 14.39.10

HTH.

Cheers.

1 Like