SonarQube Analysis Fails with 401 Unauthorized Error in Maven Build

furkan_miyan · March 2, 2025, 5:34pm

I am using Spring Boot 3.4.3 with Java 17 and the following SonarQube Maven plugin:

<plugin>
                <groupId>org.sonarsource.scanner.maven</groupId>
                <artifactId>sonar-maven-plugin</artifactId>
                <version>5.0.0.4389</version>
  </plugin>

org.sonarsource.scanner.maven sonar-maven-plugin 5.0.0.4389

I have tried running the following commands but still face issues:

.\mvnw clean install sonar:sonar → Using the default credentials (admin/admin at http://localhost:9000/)
mvn clean verify sonar:sonar -Dsonar.token=<user_token> -X → Using a generated User Token
mvn clean verify sonar:sonar -Dsonar.token=<global_token> -X → Using a Global Token

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:5.0.0.4389:sonar (default-cli)
on project journalApp: Error status returned by url
[https://api.sonarcloud.io/analysis/jres?os=windows&arch=amd64]: 401
{
“Message”: “User is not authorized to access this resource with an explicit deny”
}

Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
After logging in and updating my password, I generated both User & Global tokens, but the issue persists.
Has anyone faced a similar issue? How can I resolve this?

ganncamp · March 3, 2025, 3:05pm

Hi,

http://localhost:9000 used to be the default, but the scanners were updated last year to default to using SonarQube for Cloud if no sonar.host.url was provided.

So you’ll need to explicitly provide your SonarQube URL, e.g. on the mvn command line as -Dsonar.host.url=http://localhost:9000.

HTH,
Ann