SonarQube logs me out on any save operation

sonarqube
github
authentication
ubuntu

(Norm Katz) #1

I recently installed SonarQube on Ubuntu 16. I confirmed in my installed Eval system under Administration>System matches the license Key I was given. What I am now seeing that the SonarQube web app logs me out whenever I try to do something that creates an object or saves something like the license key. This includes trying to create a project or connect to github. I checked all possible logs, including sonar, web, nginx, postgres, and elasticsearch and they all look fine and healthy. Has anyone seen this logout problem immediately after installation and configuration of SonarQube? If feel like it’s hitting an unhandled exception that does not show up in any of the logs.


(Julien Lancelot) #2

Hi @normmkatz1,

In order to investigate what’s going on you need to active the DEBUG logs :

  • Go to Administration > System
  • Change the logs level to DEBUG
  • Do any operation that logs you out and check logs/web.log

Regards,
Julien Lancelot


(Norm Katz) #3

When I tried to change the level to DEBUG, I got this red error: The request cannot be processed. Try again later.
The access log indicated a 401. Domain and port redacted for security.

127.0.0.1 - - [16/Apr/2019:18:44:02 +0000] “POST /api/system/change_log_level HTTP/1.0” 401 - “http://mydomain:myport/admin/system?expand=System” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36” “AWoU7jbNdowEyK2dAABu”

127.0.0.1 - - [16/Apr/2019:18:44:02 +0000] “GET /js/350.m.f884ee85.chunk.js HTTP/1.0” 200 561 “http://mydomain:myport/admin/system?expand=System” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36” “AWoU7jbNdowEyK2dAABv”

127.0.0.1 - - [16/Apr/2019:18:44:02 +0000] “GET /api/users/identity_providers HTTP/1.0” 200 24 “http://mydomain:myport/sessions/new?return_to=%2Fadmin%2Fsystem%3Fexpand%3DSystem” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36” “AWoU7jbNdowEyK2dAABw”


(Norm Katz) #5

I updated log level to DEBUG in sonar.properties and restarted. Now seeing this in web.log:
2019.04.16 19:31:01 DEBUG web[AWonoQnkRQ6xbFJgAAAm][auth.event] login failure [cause|Wrong CSFR in request][method|JWT][provider|LOCAL|local][IP|127.0.0.1|][login|admin]


(Julien Lancelot) #6

The error log you’ve reported says “Wrong CSFR in request” : it seems you’re proxy prevent the CSFR cookie to be returned from the server to the web navigator.
Could you please check your proxy configuration ?


(Norm Katz) #7

I haven’t installed any kind of proxy. Just using nginx web server. I’ll have to search to see if there’s some setting in their config preventing this.