Hey @ganncamp, we are using SAML to connect it to Azure AD as our Identity Provider,
All worked fine on Sonar 8, but after the upgrade to 8.9.3 the issue started.
We are running our sonar server from Docker (Sonar Developer Edition), all the solutions that I see on the comunity are about OnPrem deployments (IIS/NGINX) nothing abut docker.
This is the error message that I am getting…
**2021.12.14 21:26:23 ERROR web[AX26xTNOnEgmkD6KAADZ][c.o.s.a.SamlResponse] Invalid issuer in the Assertion/Response. Was 'https://sts.windows.net/46c98d88-e344-4ed4-8496-4ed7712e255d/', but expected '9sCHl7PKTXKRdQlblUwGXGlR3GI5kFiabCQS63Wc2vE='**
**2021.12.14 21:26:23 ERROR web[AX26xTNOnEgmkD6KAADZ][c.o.saml2.Auth] processResponse error. invalid_response**
We made some changes to SAML in the 8-series, although I’m having trouble finding the details. Can you revisit the docs since it’s possible the required configuration has changed?
Also, I’m a bit out of my depth at this point, so I’ve flagged this post for more expert attention.
@ganncamp unfortunately the documentation is not enough to provide me the root cause or direction about my issue, it just says “we added additional checks to SAML”, but what I supposed to do about that?
We followed the standards from the Identify provider (Azure AD).
If you can bring expertise to support us on this topic would be appreciate it.
Hi @raulvi
hopefully you’ve solved your problem since last week.
But if not the case, I would recommend to:
have a look at this Microsoft tutorial. I just tested with my SonarQube 9.2 and found it quite effective. I had it working for a test user in less than 1 hour.
enable DEBUG logs on your SonarQube instance. You can do it from the Administration → System UI With only ERROR and INFO levels, you might miss some details needed for troubleshooting
From your error, the value you got as Azure AD Identifier on AAD side may not be aligned with the one set on SonarQube side as Provider ID: sonar.auth.saml.providerId
Let us know