Unable to connect to the SonarQube server because of SSO

I tried the java certificate part, didn’t work for me, the server is being protected by a SSO, so when it tries to reach the server, it reads the redirect instead of the actual Rest response of the “sonar/api/system/status”.

How can I bypass this? Since no way in hell i’m convincing my company to remove the SSO,

Can I hardcode the response? somewhere?

1 Like


How does it work when you want to install plugins or update VSCode? Is VSCode able to connect through your SSO?
What is the certificate your are talking about? Is it a client or server certificate?

SSO is bind to company websites, not the internet.

Tried to download the website certificate and install it in java, as described above, but it didn’t fix my problem.

SSO - is single sign on btw…

SonarLint is using the SonarQube web API, and currently only able to authenticate using HTTP Basic authentication. AFAIK scanners will have the same issue, so maybe you could ask how your infra team managed to do project analysis using scanners? They might have allowed access without SSO somehow.

Can you also share a bit more details about your SSO provider? Maybe it could help to find a solution? Especially if your SSO is based on some standard.

Sorry, that is internal company mater relating the SSO.

On the second part there is an enterprise sonar on the company servers that scan the code in bit-bucket in the same environment so no SSO needed on that part.

Only solution for me is to have a proxy server where I login to bypass the SSO then proxy the requests to company server

This is indeed a solution. For the record, I remember some users having mentioned this tool: http://cntlm.sourceforge.net/. This is to bypass NTLM SSO, so maybe not your case.

Don’t hesitate to share more details on your workaround, as it could help other users. For example are you using a specific tool to be used as a proxy server? Or is it a hand-made solution?