Hi, I’m trying to set up auth in the latest version of SonarQube community edition. I want to handle authorization separately, so I’m trying to set up http header authentication. It seems to work fine for the API but not for accessing the dashboard, and the web UI in general. Is there a way to access the web interface without logging in at /login username and password?
Basically, I want to provide my users a link to the web interface, but without providing them a sonarqube username and password, as they are already logged in on my platform, so I’m trying to find a way to proxy the request to my backend, get the corresponding sonarqube user.login for that user, and redirect them to the web ui using those credentials
I did, and I have succesfully set up http header authentication for the API, however it is not working for accesing the web app, it just redirects me to /sessions/new and asks for login and password
In summary:
set up http headers X-Forwarded-Login and X-Forwarded-Name to the appropiate values
GET request to localhost:9000/api/measures/component?component=projectkey&metricKeys=sqale_rating
response is OK, I get the data
tokens are only working for the API as well, not the web app
trying to access http://localhost:9000/dashboard?id=projectkey setting basic authentication with user tokens (or passwords for that matter) does nothing, it just redirects to the login screen
For the UI, you need to use the HTTP Header authentication, using a proxy
In my second post, I mentioned that this is not working for me, setting the appropiate headers X-Forwarded-Login and X-Forwarded-Name to the appropiate values and requesting to see a page for the UI like /dashboard just redirects me to the login page. HTTP Header authentication is working for the api at /api ONLY, but not for the UI
Is that the expected behaviour?
It does says login successful but it just redirects to the login page with a message “insufficient privileges” (I do have read access with that user and I have no problem logging in with username and password through the web app, although I’m not sure if a “local” user has the same privileges than a sso user?):
Also notice that if you make a request setting the X-Forwarded-Login and X-Forwarded-Name headers of a LOCAL user, it will automatically be converted to a nonlocal user.
Haiiii I need to set HTTP auth for sonarqube via proxy. And get the test status of sonarqube only via Bitbucket console. Can some one please explain briefly about how to set Sonar via proxy and set HTTP Auth for this Sonar server. Because my Sonar machine is in private.