SSO issue sonarqube & Idaptive

SonarQube Server / Community Build
1

Must-share information (formatted with Markdown):

SSO settings in Idaptive portal -

SP entity id - https://xxxx/oauth2/callback/saml
Assertion Consumer Service (ACS) URL - https://xxxx/oauth2/callback/saml
Authentication Context Class - PasswordprotectedTransport

values that are sending to sonaqeube from idaptive-
setAttribute(‘email’, LoginUser.Get(‘mail’));
setAttribute(‘name’, LoginUser.Get(‘displayName’));
setAttribute(‘login’,LoginUser.Get(‘mail’));

account mapping between sonarqube & idaptive - samAccountName

Thanks

2

Hi @adityamadhira,

Thanks for the detailed info. Can you please explain in more detail what the issue is :slightly_smiling_face:? Is it not working at all? Is some sync not working? Are new accounts not created? Please provide an explanation of the exact issue you’re facing.

4

Hi @Wouter_Admiraal,

I followed the documentation related to SSO, but sonaqube throws below error -

Reason: Signature validation failed. SAML Response rejected

Contacted Idaptive support and they are requesting me to contact you to understand the error. Even sonarqube log is not meaningful to understand what issue since log shows the error what i seen on web UI.

Is it possible to have a call for 30 min? I work on US PST time zone.

SSO fails for every one. New account creation also fails.

Thanks

5

Signature validation failed. SAML Response rejected

Did you double check your config? Especially the certificate? Perhaps something went wrong when copy-pasting? And do you manage to log in using ldaptive from any other application?

Even sonarqube log is not meaningful to understand what issue

Can you post the logs here? You can enable DEBUG level logs by settings the following on your sonar.properties file:

sonar.log.level=DEBUG

(and restart SonarQube, obviously)

Is it possible to have a call for 30 min? I work on US PST time zone.

No sorry. Unless you purchased support. Otherwise, it’s the forum only :slightly_smiling_face:.