You're not authorized to access this page. Please contact the administrator. After Integrating with SAML Active directory

Hi ,

I tried to configure my SonarQube with active directory and once its done. It is showing this message. When i put the debug mode on , it is showing me these logs. Kindly share your thoughts.

You’re not authorized to access this page. Please contact the administrator
When i enable debug mode , it showing me this message.

2019.12.10 14:33:21 ERROR web[AW7v2dtC1TkW09XXAAFy][o.a.a.a.AadIdentityProvider] Exception:java.lang.IllegalArgumentException: Group name cannot be empty

2019.12.10 14:33:21 DEBUG web[AW7v2dtC1TkW09XXAAFy][auth.event] login failure [cause|Plugin did not call authenticate][method|OAUTH2][provider|EXTERNAL|Microsoft][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]

2019.12.10 14:33:21 DEBUG web[AW7v2dtC1TkW09XXAAF0][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]

Please help me.

Hi @Waseem_Bukhari,

As your using the
In order to be able to help you, could you please provide to us the following information :

Regards

Hi , Thanks , AD version i have shared below which is 1.1 while sonarqube verision is :

  • Community Edition
  • Version 8.0 (build 29455)

Kindly help me.

Hi,

As this issue seems related to the Azure Active Directory plugin itself, you should follow this issue which is describing exactly the same issue as you in the GitHub repo of the plugin : https://github.com/hkamel/sonar-auth-aad/issues/90.

Regards

Hi , i posted this issue. DO YOU HAVE any answer on this or something else?

I tried another way and see the same error message in Logs:

2019.12.11 13:15:11 ERROR web[AW704ZukHMcgUJoWAABO][o.a.a.a.AadIdentityProvider] Exception:java.lang.IllegalArgumentException: Group name cannot be empty
2019.12.11 13:15:11 DEBUG web[AW704ZukHMcgUJoWAABO][auth.event] login failure [cause|Plugin did not call authenticate][method|OAUTH2][provider|EXTERNAL|Microsoft][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:11 DEBUG web[AW704ZukHMcgUJoWAABQ][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:11 DEBUG web[AW704ZukHMcgUJoWAABS][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:12 DEBUG web[AW704ZukHMcgUJoWAABU][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:12 DEBUG web[AW704ZukHMcgUJoWAABV][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:12 DEBUG web[AW704ZukHMcgUJoWAABY][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:14 DEBUG web[AW704ZukHMcgUJoWAABa][auth.event] login success [method|FORM][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|admin]
2019.12.11 13:15:20 DEBUG web[AW704ZukHMcgUJoWAABq][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@52d6f4be5 pairs: {GET /systemInfo HTTP/1.1: null}{User-Agent: SonarQube 8.0.0.29455 # 2C14AB32-AW6IDT8ka0RL2SvnBeUq Java/12.0.2}{Host: 127.0.0.1:14860}{Accept: text/html, image/gif, image/jpeg, *; q=.2, /; q=.2}{Connection: keep-alive}
2019.12.11 13:15:20 DEBUG web[AW704ZukHMcgUJoWAABq][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@490200d05 pairs: {null: HTTP/1.1 200 OK}{Content-Type: application/x-protobuf}{Date: Wed, 11 Dec 2019 12:15:20 GMT}{Connection: keep-alive}{Content-Length: 8474}

Hi,

No issue to cross post your issue here and in the GitHub issues of the project.
As the the Azure Active Directory Authentication plugin is under the community umbrella, the best place to get an answer is in the GitHub issues.

Regards

No one answered my Question: Its not more than Ping Pong

https://developercommunity.visualstudio.com/content/problem/896216/sonarqube-integration-with-saml.html

Hello ,

I am facing the same issue now. Did you find the solution ?

I’m facing same issue. Auth success from AAD side and when redirect back to sonar I’m getting following error.

UI : You’re not authorized to access this page. Please contact the administrator. Reason: Cookie ‘OAUTHSTATE’ is missing

Logs : [c.o.saml2.Auth] processResponse error.SAML Response not found, Only supported HTTP_POST Binding
[o.s.s.a.AuthenticationError] Fail to callback authentication with ‘saml’
Caused by: com.onelogin.saml2.exception.Error: SAML Response not found, Only supported HTTP_POST Binding

When I Enable debug : I can see following in logs

SAMLResponse validated
SAMLResponse has NameID
SAMLResponse has NameID Format
SAMLResponse has attributes
processResponse success
login failure [cause|Cookie ‘OAUTHSTATE’ is missing][method|OAUTH2][provider|EXTERNAL|SAML][IP|127.0.0.1|10.64.6.251][login|]

Hi @Waseem_Bukhari , i am also facing similar issue integrating Sonar with AAD . Please let me know if you have any resolution for this issue .