Log in issue after sonarqube:9.9-developer image upgrade

Make sure to tell us:

  • What version are you upgrading from?
    9.6.1-developer image
  • System information (Operating system, Java version, Database provider/version)
    OS: Linux, Java version: 16, DB version: Azure SQL
  • What’s the issue you’re facing?
    Log in issue(intermittent) after sonarqube:9.9-developer image upgrade. Log in page just redirects back to the log in page after providing the correct credentials.

Hi,

There’s not a lot to go on here.

Have you checked your server logs to see if there are any errors when these looping redirects happen?

What’s your auth system?

What shows up in the user’s browser console when this happens? Anything?

 
Ann

Hi Ann,

Thanks for the reply.
Have you checked your [server logs] to see if there are any errors when these looping redirects happen?
We did not see anything on the logs.

What’s your auth system?
Its a default basic auth type.

What shows up in the user’s browser console when this happens? Anything?
After providing credentials and hitting enter, it again redirects back to the login page. Sometimes, it redirects to …/sonarqube/projects page but still not logged in.

Hi,

Does that mean you’re using SonarQube’s built-in authentication?

With redirects, it sounds like there’s SAML involved…?

 
Ann

Yes, Sonarqube built-in authentication.
Attaching few screenshots here:

After I enter the credentials and hit enter, this is how it looks:


As you can see on the right top corner(red mark), it is still not logged in.

Hi,

You should increase your server logging level to DEBUG and try logging in again. More than likely this is just a bad password. It’s possible that case is playing a role here.

Note that a global admin can reset a locally-maintained user’s password.

 
HTH,
Ann

Hi,

I have a global admin access and I’m sure that the password is right. If its wrong, it’ll be shown like this:
image

I’ll set the logging level to DEBUG and update you soon.

Hi,

I’ve set the below config in the SonarQube deployment yaml and tried:
image

Still not able to log in. Any other suggestions, please.

Hi,

With the system logging at debug, I’m interested in what shows up in your server logs when you try to log in.

 
Ann

Attaching sonar.log
sonar.log (3.1 KB)

Hi,

Did you read the log? If so, what did you make of this?

2023.05.03 14:18:44 WARN  app[][startup] ####################################################################################################################
2023.05.03 14:18:44 WARN  app[][startup] Default Administrator credentials are still being used. Make sure to change the password or deactivate the account.
2023.05.03 14:18:44 WARN  app[][startup] ####################################################################################################################

 
Ann

Hi Ann,

Yes, as per the log default credentials are in use. I’m using the default credentials to login but not able to login. To change the password I need to login to that dashboard first.
Is there any other way to do that?

Hi,

Okay, so the default credentials (admin/admin) were in use when the instance started up. If you weren’t able to log in with them, then there’s likely something between you & SonarQube (e.g. a proxy) interfering with the traffic.

 
HTH,
Ann

Hi Ann,

There is no proxy because we are able to see all the project information on the Sonar dashboard but not able to login with default credentials.

Thanks,
Sharanya K

Hi Sharanya,

That’s unrelated. There may still be a proxy in between.

Nonetheless, I suggest you try reinstating the default credentials and go from there.

 
HTH,
Ann

We tried resetting the password in the database, seeing the same result. After login page, we able to see the dashboard like before but still not logged in.

Hi,

You should make sure you’re accepting cookies. After that, I’m out of ideas.

 
Ann

Hi Ann,

We created another Sonarqube instance and tried logging in, it worked. I was able to login and reset the password. But it is intermediate, now I’m not able to login.

Is it okay if we rollback to the older version(9.6.1-developer image)?
Is there a way for you to create a ticket internally and assign an engineer on this please?