Version: SonarQube CE 8.6.0.39681
I have setup SonarQube behind Azure Application Gateway (AGW). Basically AGW is like a reverse proxy. AGW has a public IP address and it forwards requests to SonarQube and my other applications. Based on my experience with other applications, AGW sets the X-Forwarded-* headers correctly. SonarQube has a private IP address and hostname.
Now, I am trying to setup SAML authentication using Azure AD. Otherwise it works fine but the callback to SonarQube fails. I can see an error like this in the logs:
The response was received at https://sonarqube.private.example.com/oauth2/callback/saml instead of https://sonarqube.public.example.com/oauth2/callback/saml
I have set the SonarQube base URL as https://sonarqube.public.example.com. Clearly this is used to generate the callback URL (AssertionConsumerServiceURL) but not to validate the response.
How can I configure SonarQube to use the base URL / public hostname to validate the response?