Project analysis on master branch failed due to 'Can not find DTO for assignee uuid'

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    Version 8.3.1.34397 - Developer Edition

The latest sonar analysis scan is failing on our main branch (master) with no changes to the configuration in a month or so. Looking at the error displayed in the background tasks I see the following error:

Error Details
java.lang.IllegalStateException: Can not find DTO for assignee uuid drodriguez
	at com.google.common.base.Preconditions.checkState(Preconditions.java:589)
	at org.sonar.ce.task.projectanalysis.notification.NotificationFactory.getAssignee(NotificationFactory.java:108)
	at org.sonar.ce.task.projectanalysis.notification.NotificationFactory.lambda$newIssuesChangesNotification$0(NotificationFactory.java:91)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)

I have verified that the user exists and has existed since we created the server over a year ago. Maybe related: I took a look at the users list in the security section and noticed that the user is somehow duplicated with the same uuid, email, and permissions. Also note, we are using Azure AD for authentication.

Hi David,

This won’t have a simple solution. Let’s first diagnose:

  • Can you verify, on SonarQube server side, the file $SONARQUBE-HOME/conf/sonar.properties and tell me whether sonar.authenticator.downcase is set to false or true? (as described here)
  • Are the uuids of the two users the same or is there any difference in terms of lowercase/uppercase?

  1. sonar.authenticator.downcase is commented out in the sonar.properties file. It appears to be a configuration for LDAP; however, we are using Azure SAML based authentication.
  2. In the UI, they visually match and look the same. I took a look in the ‘users’ table in the PostgreSQL database and noticed there is only 1 entry for the user ‘name’ and ‘email’.

Interestingly, the uuid value for the user is not the username itself, but a random set of characters.

Hi David,

You are right, the property I mentioned is only for LDAP and should not apply to you. My bad!

If the uuid is a random set of characters, then you might not have disabled encryption on Azure AD SAML responses. SAML encrypted responses are not supported. SAML encryption should be disabled in Azure AD. Could you check this?

Sorry for the slow response, as I have been out of office since the 10th. Looking at the configurations now in Azure and Sonar. I think there was confusion when setting up the external authentication. SonarQube is configured to use the Azure AD plugin for authentication instead of SAML. Does this make a difference? I am looking at enabling SAML for the application today to see if this fixes the error.

So the analysis is working again, thanks for your help. I did see the following warning message for multiple users in the ‘ce.log’ file. Should this be a concern?

2020.07.14 12:46:47 WARN ce[AXNOb5SWDnoNcqdCoacS][o.s.c.t.p.i.ScmAccountToUserLoader] Multiple users share the SCM account