You're not authorized to acces this page. Sonarqube/Gitlab oauth after upgrading Sonarqube to version 8.9.6 LTS

Dear Sonar community,

I’m reaching you today in order to share a strange behavior concerning our last Sonarqube upgrading from v7.9 to v.8.9.6 (LTS) concerning user connexions between Gitlab and Sonarqube.

Before we upgraded our Sonarqube instance we used the gitlab oauth plugin v1.3.2 in order to connect to our local Gitlab instance and everything worked well. We also trained our upgrade and knew that this plugin won’t be supported in the new LTS 8.9.6 (as the gitlab connexion is bundled) so we removed it in our upgrade process.

The bug : After the upgrade , only a few users were able to connect to Sonarqube web UI through gitlab, the others got the error : You’re not authorized to acces this page. There were no distinctive patterns on which users could and the ones who couldn’t.

The solution : We investigated directly into the Sonarqube postgresql database and looked at the users table :

SELECT login,external_id FROM users;

We discovered that the users who were able to connect to Sonarqube through Gitlab got the field ‘external_id’ = Their value.
And the users who were unable to connect to Sonarqube got the field
‘external_id’ = Their <gitlab/sonarqube login>

The solution was to update this field with the correct value manually or via a script :

UPDATE users SET external_id=<id_gitlab> WHERE login= '<username_gitlab>' ;

at this hour our upgrade is a success , but we still don’t know why the external_id of all the users didn’t match their gitlab id for all the users.

I hope this will be helpful for users in the same case,
Best Regards

1 Like