SAML configuration issue

pvaid · June 23, 2025, 11:43am

Hi Team,

I have configured SAML on my sonarqube server.
When I check it with Test Configuration option then it shows error HTTP Status 500 – Internal Server Error, however after enabling the configuration SSO is working perfectly.

Only while using option Test Configuration its erroring out,
some errors i found in web.log file

Caused by: java.net.SocketException: Network is unreachable
        at java.base/sun.nio.ch.Net.connect0(Native Method)
        at java.base/sun.nio.ch.Net.connect(Net.java:579)
        at java.base/sun.nio.ch.Net.connect(Net.java:568)

        at org.sonar.core.util.DefaultHttpDownloader.executeCall(DefaultHttpDownloader.java:139)
        at org.sonar.core.util.DefaultHttpDownloader.readString(DefaultHttpDownloader.java:96)
        ... 63 common frames omitted
        Suppressed: java.net.SocketTimeoutException: Connect timed out
                at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:551)
                at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:602)
                ... 86 common frames omitted
        Suppressed: java.net.SocketTimeoutException: Connect timed out
                at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:551)
                at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:602)
                ... 86 common frames omitted
        Suppressed: java.net.SocketTimeoutException: Connect timed out
                at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:551)
                at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:602)
                ... 86 common frames omitted
        Suppressed: java.net.SocketTimeoutException: Connect timed out
                at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:551)
                at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:602)
                ... 86 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
        Suppressed: java.net.SocketException: Network is unreachable
                ... 90 common frames omitted
2025.06.23 11:27:20 ERROR web[][o.s.s.p.w.RootFilter] Processing of request /saml/validation failed
java.lang.IllegalArgumentException: Illegal base64 character d

web.log file
web.log (29.4 KB)

Thank you for your time

Colin · June 24, 2025, 8:15am

Hey there.

It looks like the real issue is here:

java.lang.IllegalArgumentException: Illegal base64 character d

Take a look at this post:

pvaid · June 24, 2025, 11:08am

As mentioned in the post I deleted the SAML configuration and again added that, but still facing same issue
Note: My SSO is working fine only its failing at test configuration.

Guillaume_Peoch · June 26, 2025, 3:05pm

Hi @pvaid

Thank you for reporting this even tho your SSO is working fine

2025.06.23 11:27:20 ERROR web[...][o.s.s.p.w.RootFilter] Processing of request /saml/validation failed
java.lang.IllegalArgumentException: Illegal base64 character d
at org.sonar.auth.saml.SamlStatusChecker.isEncryptionEnabled(SamlStatusChecker.java:139)`:

SonarQube encountered an invalid Base64 character. This typically happens when:

The SAML response received from your Identity Provider (IdP) is malformed or corrupted.
There’s an issue with how the SAML response is being parsed or decrypted by SonarQube.

But given the earlier JCE warnings:

2025.06.23 11:25:21 WARN web[][o.o.x.c.i.JavaCryptoValidationInitializer] The JCE providers currently configured in the JVM do not support required capabilities for XML Encryption, either the 'AES' cipher algorithm or the 'ISO10126Padding' padding scheme and subsequent Algorithm failed runtime support check messages indicate that your Java Cryptography Extension (JCE) policy files might be outdated or restricted.

Please, ensure you have the unlimited strength JCE policy files installed for your JVM, especially if your IdP uses strong encryption for SAML assertions.

Cheers,

Topic		Replies	Views
SonarQube SAML authentication with Ping Federation not working SonarQube Server / Community Build sonarqube	7	43	January 6, 2025
SAML Authentication Test response not success SonarQube Server / Community Build sonarqube	1	134	January 25, 2024
How to configure the timeout for SAML reauthentication? SonarQube Server / Community Build saml	1	246	July 6, 2023
Configure SAML for sonarqube SonarQube Server / Community Build	1	379	March 3, 2022
Sonarqube ADFS (Active Directory Federation Service) SSO integration SonarQube Server / Community Build sonarqube , active_directory , sso	12	798	October 6, 2023

SAML configuration issue

Related topics