Problem configuring authentication with Github.com or SAML ADFS

1. which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)

SonarQube - Version 9.9.1
No plugins installed

2. how is SonarQube deployed

Docker

3. what are you trying to achieve

We are trying to set up authentication with github.com, but we are encountering issues.

We have created an application on github.com to obtain the client ID and secret for use in SonarQube. The URLs we are using on github.com are:

• Homepage URL - https ://sonar.domain/
• Callback URL - https ://sonar.domain/oauth2/callback/github
• Activate flag - Request user authorization (OAuth) during installation

We have conducted several tests with different endpoints, but none have been successful. The error we are encountering with this latest configuration is:

• “You’re not authorized to access this page. Please contact the administrator.”

We are not certain how to authorize that access.

Could we possibly be missing some configuration?

We have also attempted to set up authentication using SAML via ADFS, but we haven’t achieved satisfactory results either.

The configuration we are using in SonarQube for SAML is as follows:

• Application ID - https ://sonar.domain/oauth2/callback/saml
• Provider Name - SAML
• Provider ID - https ://adfs.domain/adfs/services/trust
• SAML login URL - https ://adfs.domain/adfs/ls/
• SAML user login attribute - sonar.auth.saml.user.login
• SAML user name attribute - sonar.auth.saml.user.name
• SAML user email attribute - sonar.auth.saml.user.mail

The callback URLs we have tested in ADFS are:

• https ://sonar.domain/auth/realms/sonarqube/protocol/saml
• https ://sonar.domain/adfs/ls/idpinitiatedsignon.aspx
• https ://sonar.domain/oauth2/callback/saml

The error we are encountering is:

• Error details: MSIS3200: No AssertionConsumerService is configured on the relying party trust 'https ://sonar.domain/oauth2/callback/saml’ that is a prefix match of the AssertionConsumerService URL 'http ://localhost:9000/oauth2/callback/saml’ specified by the request.

Is is possible that we have made a mistake with the callback URL.?

KR

Hey there.

Have you configured the global Administration > General > Server base URL setting of your SonarQube instance?