Problem with Azure AD SAML on SonarQube 9 over SSL

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  Version: 9.0.0.45539, using native SAML

• what are you trying to achieve
  We want to be able to sign in using our Azure AD accounts over a secure connection using SSL.

• what have you tried so far to achieve this
  We are running SQ on Windows Server 2019, using IIS as reverse proxy for SSL, as described here: Operating the Server | SonarQube Docs
  This link also says that the instructions for setting up SSL on IIS is not recommended together with SAML.
  For the SAML/Azure AD SSO part we have followed this guide: Tutorial: Azure Active Directory single sign-on (SSO) integration with Sonarqube | Microsoft Docs
  And when testing the Azure AD Enterprise app we get the following from SQ:
  “You’re not authorized to access this page. Please contact the administrator.”
  Also, when using the “Sign in with SAML” button on the SQ landing page we just get a spinner, and then it goes back to the landing page with the sign in button. Nothing else happens.

I assume it’s because of the redirection being doing, but how would we accomplish using Azure AD as SSO with SSL configured using IIS? I can’t find any up to date information on this topic, so any help would be much appreciated.

Hello Nicklas,

Were you able to set up the SAML SSO with AzureAD?

If not, I recommend you to try out the miniOrange SAML Plugin for SonarQube

You can refer this document - mO SonarQube SSO to get started with the configuration.

This plugin works well in the proxy environment and also has a lot of additional features like:

• User profile Provisioning
• On the fly Group Mapping
• Signed SAML request to provide an additional layer of security.
• Test Configuration, using which you can verify your SAML configurations and validate the SAML response.

You can also reach out to us at info@xecurify.com if you face any issues. We’ll be happy to help.