Sonar EE scanner "Not authorized. Please check the properties sonar.login and sonar.password"

I have installed sonar EE 9.5.x with required license key. Executed the scanner and getting following “Not authorized. Please check the properties sonar.login and sonar.password”

Please offer guidance on what this means and how can I fix it? Feedback would be appreciated

Sending snippets below

[root@ip- ~]# docker run --rm \

-e SONAR_HOST_URL=“:9000”
-v “<repo_clone>:/usr/src” sonarsource/sonar-scanner-cli -X
14:02:12.106 INFO: Scanner configuration file: /opt/sonar-scanner/conf/
14:02:12.109 INFO: Project root configuration file: /usr/src/
14:02:12.148 INFO: SonarScanner
14:02:12.148 INFO: Java 11.0.14 Alpine (64-bit)
14:02:12.148 INFO: Linux 4.14.246-187.474.amzn2.x86_64 amd64
14:02:12.346 DEBUG: keyStore is :
14:02:12.349 DEBUG: keyStore type is : pkcs12
14:02:12.349 DEBUG: keyStore provider is :
14:02:12.349 DEBUG: init keystore
14:02:12.350 DEBUG: init keymanager of type SunX509
14:02:12.550 DEBUG: Create: /opt/sonar-scanner/.sonar/cache
14:02:12.553 INFO: User cache: /opt/sonar-scanner/.sonar/cache
14:02:12.553 DEBUG: Create: /opt/sonar-scanner/.sonar/cache/_tmp
14:02:12.561 DEBUG: Extract sonar-scanner-api-batch in temp…
14:02:12.569 DEBUG: Get bootstrap index…
14:02:12.569 DEBUG: Download:
14:02:12.677 DEBUG: Get bootstrap completed
14:02:12.683 DEBUG: Download http://<ipaddress:9000/batch/file?name=scanner-enterprise- to /opt/sonar-scanner/.sonar/cache/_tmp/fileCache15629858788976632278.tmp
14:02:13.094 DEBUG: Create isolated classloader…
14:02:13.105 DEBUG: Start temp cleaning…
14:02:13.110 DEBUG: Temp cleaning done
14:02:13.111 INFO: Scanner configuration file: /opt/sonar-scanner/conf/
14:02:13.112 INFO: Project root configuration file: /usr/src/
14:02:13.113 DEBUG: Execution getVersion
14:02:13.136 INFO: Analyzing on SonarQube server
14:02:13.137 INFO: Default locale: “en_US”, source code encoding: “UTF-8” (analysis is platform dependent)
14:02:13.138 DEBUG: Work directory: /usr/src/.scannerwork
14:02:13.140 DEBUG: Execution execute
14:02:13.556 DEBUG: Enterprise
14:02:13.874 INFO: Load global settings
14:02:13.932 DEBUG: GET 401 http://:9000/api/settings/values.protobuf | time=56ms
14:02:13.951 INFO: ------------------------------------------------------------------------
14:02:13.952 INFO: ------------------------------------------------------------------------
14:02:13.952 INFO: Total time: 1.855s
14:02:13.974 INFO: Final Memory: 5M/20M
14:02:13.974 INFO: ------------------------------------------------------------------------
14:02:13.975 ERROR: Error during SonarScanner execution
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name '
Caused by: Not authorized. Please check the properties sonar.login and sonar.password.


What do you make of the error? It looks like you’re seeding the environment with an empty SONAR_LOGIN value…


Thus far, I have tried modifying the file below

[root@ip-<ip> isv_mock-main]# cat
# must be unique in a given SonarQube instance


# --- optional properties ---

# defaults to project key
#sonar.projectName=My project
# defaults to 'not provided'

# Path is relative to the file. Defaults to .

# Encoding of the source code. Default is default system encoding

Secondly, tried to run the command as follows

docker run --rm -e SONAR_HOST_URL="http://<IP>:9000" -e SONAR_LOGIN="<token>" -v "<gitclone_repo>:/usr/src" sonarsource/sonar-scanner-cli -X

In both instances, got the same message below

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is Not authorized. Please check the properties sonar.login and sonar.password.
        ... 84 more
Caused by: Not authorized. Please check the properties sonar.login and sonar.password.

Feedback on files to modify or options to add will be greatly appreciated


If you’re passing a token in the analysis command, I believe that’s going to override the values in your file. So might as well clean them out and avoid confusion. After that, you need to double-check the token you’re using to make very sure it has permissions to analyze the file.

And BTW, has the project been analyzed before? Does it already exist in SonarQube. I ask because the new Global Analysis Token type doesn’t have permissions to create projects on first analysis.


1 Like