Unable to login as admin even after resetting password via db directly

SonarQube Server / Community Build
1

Make sure to tell us:

  • What version are you upgrading from? 9.1.0.47736 to 9.9.2.77730
  • System information (Operating system, Java version, Database provider/version) Amazon Linux 2 java 17-amazon-corretto
  • What’s the issue you’re facing?

Could you confirm if i am encrypting the password correctly as im unable to log as admin even after updating the db directly

password=$(echo Passowd01 | openssl11 enc -base64 -pbkdf2 -e -aes-256-cbc -m sha512 -iter 1000000 -S k9x9eN127/3e/hf38iNiKwVfaVk= -pass pass:‘’)

update users set crypted_password=‘$password’, salt=‘k9x9eN127/3e/hf38iNiKwVfaVk=’, hash_method=‘PBKDF2’, reset_password=‘true’, user_local=‘true’, active='true where login=‘admin’;

the commands above work but i cannot login as admin

can you confirm if i am using the current_hash , iterations etc to generate the hash value

thank you

2

Hi,

Welcome to the community!

No need for you to encrypt the password. Just copy/paste from the docs to reset your admin account password to admin. You’ll then be prompted to change it on first login (which you’ll presumably do immediately :sweat_smile:)

 
HTH,
Ann

3

Hi G Ann and thank you for the update

This makes sense hopefully i will try and test once our development environment is available as it currently broken. I didn’t realise that the example in the docs was setting the password to admin I thought it was a example of how to reset the password to a new one.

I guess it explains why I cannot login when I set the admin password directly in the db as its no longer supported as i believe this worked previous versions of SonarQube when it used SHA1? Is there a alternative way to set the password programmatically to something else e.g. Password01

Thank you

4

Hi,

Once you’re back in, you can switch to the API, but first use the SQL in he docs to get back in.

The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.

You may also find this guide helpful.

 
Ann

5

Sorry for the late response its been a hectic day. Thank you for the update and information. I will look into this as soon as I have a environment to play with.

thank you