SonarLint 403 errors

sergioet · June 12, 2024, 9:30am

Please provide

Win10
Visual Studio 17.10.2

SonarLint plugin version: 8.0.0.92083
Programming language you’re coding in: c#
Is connected mode used: Yes
- Connected to SonarCloud or SonarQube (and which version): * Enterprise Edition Version 10.4.1 (build 88267

And a thorough description of the problem / question:

I have 403 errors when trying to use SonarLint

[Taint] Failed to synchronize taint vulnerabilities with the connected server: System.Net.Http.HttpRequestException: Response status code does not indicate success: 403 ().
   at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
   at SonarQube.Client.Requests.RequestBase`1.<InvokeAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarQube.Client.SonarQubeService.<InvokeUncheckedRequestAsync>d__17`2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarLint.VisualStudio.Infrastructure.VS.ThreadHandling.<>c__DisplayClass6_0`1.<<RunOnBackgroundThread>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarLint.VisualStudio.Infrastructure.VS.ThreadHandling.<RunOnBackgroundThread>d__6`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarLint.VisualStudio.Integration.MefServices.MefSonarQubeService.<InvokeUncheckedRequestAsync>d__3`2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarQube.Client.SonarQubeService.<GetSourceCodeAsync>d__44.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at SonarQube.Client.Helpers.SecondaryLocationHashUpdater.<UpdateHashesAsync>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarQube.Client.SonarQubeService.<GetTaintVulnerabilitiesAsync>d__41.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarLint.VisualStudio.IssueVisualization.Security.Taint.TaintIssuesSynchronizer.<SynchronizeWithServer>d__10.MoveNext().
[ConnectedMode/BranchMapping] Matching Sonar server branch: develop
[ConnectedMode/BranchMapping] Closest Sonar server branch: develop
[ConnectedMode/BranchMapping] Matching Sonar server branch: develop
[ConnectedMode/BranchMapping] Closest Sonar server branch: develop
[ServerIssueStore] Raising change event...
[Hotpots] Fetch operation failed: Response status code does not indicate success: 403 ().

The execute analysis permissions is ticked. I don’t know how to use a token or my creds to connect to the server. Or how do I use a “non-connected” mode. I’d like to replicate the issues appearing in the SonarQube server

ganncamp · June 13, 2024, 12:03pm

Hi,

In order to synchronize issues from SonarQube, I believe you’ll need the Browse permission (and Administer Issues wouldn’t hurt either).

It’s quite possible to have one without the other, so you should double-check that.

Also there are different types of tokens. How did you generate yours?

Thx,
Ann

sergioet · June 13, 2024, 12:41pm

hi Ann,

Thanks for your response. I already had browse permission and Administer Issues, but getting the same issues.

About tokens, in SonarQube dashboards I go to my profile, Security, then create a token. I can create of type “Project”, "Global " and “User” however I don’t know how to use it in Visual Studio, in Team Explorer when I click on my https://sonarqueb..com it finds my project among a list of multiple items

ganncamp · June 13, 2024, 1:00pm

Hi,

Which token type did you pick? I believe you want a User token here.

Alternately, I think you can generate your token through SonarLint (which should automatically give you the right type )

Ann

ganncamp · June 13, 2024, 1:14pm

Hi again,

I think I gave you a bad link. I pointed to the SonarLint for IntelliJ docs, but you filed this under Visual Studio. So nevermind that part about generating the token from within SonarLint.

Ann

sergioet · June 13, 2024, 1:50pm

I am using Visual Studio, not IntelliJ, but I’ve tried to follow these instructions
Connected Mode setup - Visual Studio (sonarsource.com), and I don’t have any place to see that “Connect” that would allow me to add a token.
In the Team Explorer area, I just see

How can I connect and enter the token?

ganncamp · June 13, 2024, 2:14pm

Hi,

It looks like that’s Step 3.

HTH,
Ann

sergioet · June 13, 2024, 2:38pm

yes, but what I am saying is that I can’t action Step 2 - how can I get that “Connect” button? or how can I reset the extension to a “unconnected” mode?

ganncamp · June 13, 2024, 2:44pm

Hi,

So you click on your SonarQube URL and nothing happens?

Thx,
Ann

sergioet · June 13, 2024, 2:59pm

Clicking on the url is a toggle that expands contract the list of projects.
Clicking on the project tries to loads profiles and I get the exception that I quoted in my first message.

ganncamp · June 13, 2024, 3:06pm

Hi,

Thanks. I’ve flagged this for the team.

Ann

uergun · June 14, 2024, 8:07am

Unfortunately we do not provide a mechanism to delete/update a token just yet. But our tokens are stored in Windows Credential Manager. If you delete the token with the name "Sonarlint.VisualStudio.Integration:{your sonarqube adress}" when you try to connect it should ask you for token again.

To access Windows Credential Manager you should follow

Contol Panel → User Accounts → Credential Manager → Windows Credentials

sergioet · June 14, 2024, 8:29am

thank you, that has allowed me to reset the token and the error disappeared.

system · June 21, 2024, 2:09pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Response status code does not indicate success: 403 () Visual Studio visualstudio , sonarqube-ide	2	3919	April 23, 2020
SonarQube for Visual Studio - Connected Mode not working behind corporate proxy Visual Studio connected_mode , proxy , sonarqube-ide , sonarqube-cloud	37	361	February 21, 2025
SonarLint on VS2022 cannot synchronize taint Visual Studio sonarqube , azure	1	661	September 13, 2023
SonarLint for VSCode can't connect to SonarQube VS Code sonarqube , connected_mode	1	1051	March 13, 2023
Connected Mode - Authentication Fails Visual Studio sonarqube , connected_mode	1	194	October 2, 2024

SonarLint 403 errors

Related topics