Not authorized, but login and password are correct, I think

I’m using the latest version of Sonarqube’s docker image, with Java and Gradle, I run this command:

./gradlew sonarqube
\ -Dsonar.projectKey=certi:smi
\ -Dsonar.host.url=http://localhost:9000
\ -Dsonar.login=d9485adba92198844074498dd8082c40808e0bab --warning-mode all`

and I get this error:

Execution failed for task ':app:sonarqube'.
> Not authorized. Please check the properties sonar.login and sonar.password.

But the login and password are already defined in my gradle.properties

systemProp.sonar.login=admin
systemProp.sonar.password=admin

Hi,

Welcome to the community!

There are a couple things going on here.

First, admin/admin can be a global administrator and still not have analyze permissions on a project. So there’s that. But even if it does have permissions, those aren’t the credentials you’re using for analysis. You’re overriding those scanner-level values on the command line with -Dsonar.login=d9485adba92198844074498dd8082c40808e0bab, which is the auth token of… some user who may or may not have analysis rights on the project.

Of course, you’ve already deleted that token, right? RIGHT?

So once you clean that token out of your command line config and out of the user profile SonarQube-side, you’ll set up a new token that you’ll keep private for a user that you know has analysis rights & configure that on the command line instead.

Alternately, you can clean admin/admin out of your Gradle properties (well, do this either way) and configure in the token value for a limited-permissions technical user that has Browse and Analyze on all (most?) projects and no other permissions. Then there’s no need to configure credentials on the command line.

 
HTH,
Ann

Hey,

I am facing the same problem when I am running sonarqube scan command by Gradle. it is showing build run successfully but the report is not displaying on the dashboard. So I run the command on the Linux box after that error is Not authorized, but login and password are correct. But I am passing the sonar token with the command. Also, I have checked on Jenkins my job is taken token.

Please help to resolve.

Hi,

Please start a new thread for this and include details such as your analysis command and log.

 
Ann