We are using SonarQube 7.9.6 with SAML using PingFederate and on a on Prem Windows NT Server, No Load Balancer, IIS and MS SQL database. This works fine in 7.9.6.
When we upgraded to 8.9.8 We get the following error
You’re not authorized to access this page. Please contact the administrator.
Reason: A valid SubjectConfirmation was not found on this Response: SubjectConfirmationData doesn’t match a valid Recipient
We have confirmed the SubjectConfirmationData looks good and the reverse proxy setting in the IIS server is also good.
We have tried this setting
Unfortunately, we are not SAML experts. What I can tell you is that the guide you referenced relates to mismatching URLs & my searches seem to tie the error message you’re getting to… mismatching URLs.
So I can only urge you to take another look to see that everything matches up like it should.
Starting with 8.x there are no SonarSource plugins in the Marketplace; all our functionality is bundled now. I do still see an AAD auth plugin still in there, although it’s not clear to me that it’s still actively maintained.