SSO OAUTHSTATE issue

mleisenr82 · September 16, 2019, 1:08pm

Version: Sonarqube-developer 7.9.1
Issue: Okta SSO works but after signing into the app we see the following error. Is this a known issue and is there any known workarounds.

Workaround: Clicking “Home”, “Login”, “Log in with SAML” allows the login.

“You’re not authorized to access this page. Please contact the administrator.
Reason: Cookie ‘OAUTHSTATE’ is missing”

julienlancelot · September 16, 2019, 3:37pm

Hi @mleisenr82 and welcome to this forum !

In order to investigate your issue, could you please :

Activate the DEBUG log level (Administration -> System -> Set Logs level to DEBUG)
Try to authenticate
Check the logs/web.logs file, search for any ERROR and WARN lines, and report them here.

Regards,
Julien Lancelot

mleisenr82 · September 16, 2019, 4:56pm

Hey Julien!

The only logs I currently have for ERROR/WARN:
-bash-4.2$ cat web.log | grep WARN

2019.09.16 12:00:52 WARN web[o.s.s.a.LogOAuthWarning] For security reasons, OAuth authentication should use HTTPS. You should set the property ‘Administration > Configuration > Server base URL’ to a HTTPS URL.

2019.09.16 12:00:52 WARN web[o.s.a.s.w.WebService$Action] The response example is not set on action api/plugins/download

2019.09.16 12:00:52 WARN web[o.s.a.s.w.WebService$Action] The response example is not set on action api/permissions/search_templates

2019.09.16 12:00:52 WARN web[o.s.a.s.w.WebService$Action] The response example is not set on action api/support/info

2019.09.16 15:03:30 WARN web[o.s.s.a.LogOAuthWarning] For security reasons, OAuth authentication should use HTTPS. You should set the property ‘Administration > Configuration > Server base URL’ to a HTTPS URL.

2019.09.16 15:03:31 WARN web[o.s.a.s.w.WebService$Action] The response example is not set on action api/plugins/download

2019.09.16 15:03:31 WARN web[o.s.a.s.w.WebService$Action] The response example is not set on action api/permissions/search_templates

2019.09.16 15:03:31 WARN web[o.s.a.s.w.WebService$Action] The response example is not set on action api/support/info

Just some background. We installed this within AWS. It’s currently sitting behind a loadbalancer that does the SSL offloading to the instance. User → ELB(HTTPS via 9000) → Sonarqube (9000).

It seems my issue is very similar to the following link since the login is initiated from Okta. That being said is there a work-a-round to this?

julienlancelot · September 20, 2019, 8:44am

I’m sorry, I’m not aware of any workaround about this issue with Okta…

Topic		Replies	Views
SAML IDP Initiated Login SonarQube Server / Community Build authentication , sso , saml	24	9694	March 14, 2024
HTTP Status 500 – Internal Server Error getting error in 2025.1.0-enterprise SonarQube Server / Community Build sonarqube	7	158	March 9, 2025
Problem when user are trying to use the SSO on sonar DNS name instead of host name SonarQube Server / Community Build sonarqube , sso , saml	0	526	May 30, 2022
SonarQube AUTH fails via Okta as IDP as a SAML identity provider SonarQube Server / Community Build sonarqube	5	342	January 31, 2024
Cookie 'OAUTHSTATE' is missing GSUITE SonarQube Server / Community Build	2	1271	September 8, 2020

SSO OAUTHSTATE issue

Related topics