SAML CSRF state value is invalid

Hi Guys,

We have integrated SonarQube with SAML integration. Getting an error while logging in.
Logs below:

2020.04.17 11:06:09 DEBUG web[AXGDNwSHGiojiL7hAAQL][c.o.saml2.Auth] processResponse success --> PHNhbWxwOlJlc3BvbnNlIFZlcnNpb249IjIuMCIgSUQ9InVkZy1uckxMV2suQ3J2NjEyaHdmU0pyc1JfcCIgSXNzdWVJbnN0YW50PSIyMDIwLTA0LTE3VDExOjA2OjA4LjkyNloiIHhtbG5zOnNhbWxwPSJ1
2020.04.17 11:06:09 TRACE web[AXGDNwSHGiojiL7hAAQL][sql] time=1ms | sql=select p.prop_key as "key", p.is_empty as empty, p.text_value as textValue, p.clob_value as clobValue, p.resource_id as resourceId, p.user_id as userId from properties p where p.prop_key=? and p.resource_id is null and p.user_id is null | params=sonar.auth.saml.providerName
2020.04.17 11:06:09 DEBUG web[AXGDNwSHGiojiL7hAAQL][auth.event] login failure [cause|CSRF state value is invalid][method|OAUTH2][provider|EXTERNAL|SAML][IP|10.120.3.58|10.68.132.131][login|]
2020.04.17 11:06:10 TRACE web[AXGDNwSHGiojiL7hAAQM][o.s.s.u.UserSessionFilter] Thread[http-nio-0.0.0.0-9000-exec-4,5,main] serves /sonarqube/sessions/unauthorized
2020.04.17 11:06:10 TRACE web[AXGDNwSHGiojiL7hAAQN][o.s.s.u.UserSessionFilter] Thread[http-nio-0.0.0.0-9000-exec-5,5,main] serves /sonarqube/api/navigation/global

This is in the browser:
You’re not authorized to access this page. Please contact the administrator.
Reason: CSRF state value is invalid
Can anyone help?
Thanks!!
Manoj
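
An added example, not part of the original post and not SonarQube code: a small parser for the `auth.event` login-failure line format shown in the log excerpt above, which pulls out the cause, provider and IP fields and counts CSRF-state failures per address list. The function names and the third sample line are constructed for illustration.

```python
import re
from collections import Counter

# Sample input: first two lines follow the excerpt in the post, third is constructed.
SAMPLE_LOG = """\
2020.04.17 11:06:09 DEBUG web[AXGDNwSHGiojiL7hAAQL][auth.event] login failure [cause|CSRF state value is invalid][method|OAUTH2][provider|EXTERNAL|SAML][IP|10.120.3.58|10.68.132.131][login|]
2020.04.17 11:06:10 TRACE web[AXGDNwSHGiojiL7hAAQM][o.s.s.u.UserSessionFilter] Thread[http-nio-0.0.0.0-9000-exec-4,5,main] serves /sonarqube/sessions/unauthorized
2020.04.17 11:07:41 DEBUG web[AXGDNwSHGiojiL7hAAQP][auth.event] login failure [cause|CSRF state value is invalid][method|OAUTH2][provider|EXTERNAL|SAML][IP|10.120.3.58|10.68.132.131][login|]
"""

# "<date> <time> <level> web[<request id>][auth.event] login failure <fields>"
HEADER = re.compile(
    r"^(\S+ \S+) (\w+) web\[([^\]]+)\]\[auth\.event\] login failure (.*)$"
)
# Each field is "[key|value]"; a value may itself hold several "|"-separated parts.
FIELD = re.compile(r"\[([^|\]]+)\|([^\]]*)\]")


def parse_login_failure(line):
    """Return a dict for an auth.event login-failure line, or None for any other line."""
    match = HEADER.match(line.strip())
    if match is None:
        return None
    timestamp, _level, request_id, rest = match.groups()
    fields = {key: value.split("|") for key, value in FIELD.findall(rest)}
    return {
        "timestamp": timestamp,
        "request_id": request_id,
        "cause": fields.get("cause", [""])[0],
        "method": fields.get("method", [""])[0],
        "provider": fields.get("provider", []),  # e.g. ["EXTERNAL", "SAML"]
        "ips": fields.get("IP", []),             # may list more than one address
        "login": fields.get("login", [""])[0],   # empty when no user was resolved
    }


def csrf_state_failures(log_text):
    """Keep only the failures whose cause is the CSRF state error from the post."""
    events = (parse_login_failure(line) for line in log_text.splitlines())
    return [e for e in events if e and e["cause"] == "CSRF state value is invalid"]


def count_by_addresses(events):
    """Count failures per reported address list to see whether one path is affected."""
    return Counter(tuple(e["ips"]) for e in events)


if __name__ == "__main__":
    for addresses, n in count_by_addresses(csrf_state_failures(SAMPLE_LOG)).items():
        print(n, "CSRF state failure(s) via", " / ".join(addresses))
```
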

Hi,

First of all, which authentication system are you using to do the SAML authentication?
Then, could you please check in your proxy that you’re not disabling cookies by setting the HTTP only flag to false?

Regards

Hi Julien,

We are using SAML PingFederate.
All the cookies are enabled.

We are doing a POC to procure.

Please assist.

Thanks!!
Manoj

Hi Julien,

Eagerly waiting for your assistance.

Thank you!!
Regards,
Manoj

Hi,

This issue is strange. Could you please check that the following cookie exists: XSRF-TOKEN

Thanks

@manojreddy did you solve this in the end? We’re experiencing the same issue.