HTTP Headers Authentication

My team is implementing the Sonar, and one of the requirements is to use a reversed proxy to authentication users. Until here it’s all fine, but I have some doubts about:

  • Does Sonar can delegate the user session to this proxy. The proxy will control the login and logoff;
  • Can I disable the login form, so the only login method will be via proxy;
  • Can I include same header on Sonar response, or I have to do that via proxy


Welcome to the community!

The docs should help.



the proxy will forward any headers you’ve configured to Sonarqube
the login may be disabled via SSO configured in $SONARQUBE_HOME/conf/
and the sonar.web.sso* properties.
Not sure what you’re asking for with your third question. The Sonaraqube webhook feature works fine with using an apache reverse proxy.


1 Like