You're not authorized to access this page. Please contact the administrator. After Integrating with SAML Active directory

SonarQube Server / Community Build
, ,
1

Hi ,

I tried to configure my SonarQube with active directory and once its done. It is showing this message. When i put the debug mode on , it is showing me these logs. Kindly share your thoughts.

You’re not authorized to access this page. Please contact the administrator
When i enable debug mode , it showing me this message.

2019.12.10 14:33:21 ERROR web[AW7v2dtC1TkW09XXAAFy][o.a.a.a.AadIdentityProvider] Exception:java.lang.IllegalArgumentException: Group name cannot be empty

2019.12.10 14:33:21 DEBUG web[AW7v2dtC1TkW09XXAAFy][auth.event] login failure [cause|Plugin did not call authenticate][method|OAUTH2][provider|EXTERNAL|Microsoft][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]

2019.12.10 14:33:21 DEBUG web[AW7v2dtC1TkW09XXAAF0][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]

Please help me.

3

Hi @Waseem_Bukhari,

As your using the
In order to be able to help you, could you please provide to us the following information :

Regards

4

Hi , Thanks , AD version i have shared below which is 1.1 while sonarqube verision is :

  • Community Edition
  • Version 8.0 (build 29455)

image
image1280×119 6.46 KB
ADVersion
ADVersion1280×119 19.3 KB

Kindly help me.

5

Hi,

As this issue seems related to the Azure Active Directory plugin itself, you should follow this issue which is describing exactly the same issue as you in the GitHub repo of the plugin : https://github.com/hkamel/sonar-auth-aad/issues/90.

Regards

6

Hi , i posted this issue. DO YOU HAVE any answer on this or something else?

7

I tried another way and see the same error message in Logs:

2019.12.11 13:15:11 ERROR web[AW704ZukHMcgUJoWAABO][o.a.a.a.AadIdentityProvider] Exception:java.lang.IllegalArgumentException: Group name cannot be empty
2019.12.11 13:15:11 DEBUG web[AW704ZukHMcgUJoWAABO][auth.event] login failure [cause|Plugin did not call authenticate][method|OAUTH2][provider|EXTERNAL|Microsoft][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:11 DEBUG web[AW704ZukHMcgUJoWAABQ][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:11 DEBUG web[AW704ZukHMcgUJoWAABS][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:12 DEBUG web[AW704ZukHMcgUJoWAABU][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:12 DEBUG web[AW704ZukHMcgUJoWAABV][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:12 DEBUG web[AW704ZukHMcgUJoWAABY][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]
2019.12.11 13:15:14 DEBUG web[AW704ZukHMcgUJoWAABa][auth.event] login success [method|FORM][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|admin]
2019.12.11 13:15:20 DEBUG web[AW704ZukHMcgUJoWAABq][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@52d6f4be5 pairs: {GET /systemInfo HTTP/1.1: null}{User-Agent: SonarQube 8.0.0.29455 # 2C14AB32-AW6IDT8ka0RL2SvnBeUq Java/12.0.2}{Host: 127.0.0.1:14860}{Accept: text/html, image/gif, image/jpeg, *; q=.2, /; q=.2}{Connection: keep-alive}
2019.12.11 13:15:20 DEBUG web[AW704ZukHMcgUJoWAABq][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@490200d05 pairs: {null: HTTP/1.1 200 OK}{Content-Type: application/x-protobuf}{Date: Wed, 11 Dec 2019 12:15:20 GMT}{Connection: keep-alive}{Content-Length: 8474}

8

Hi,

No issue to cross post your issue here and in the GitHub issues of the project.
As the the Azure Active Directory Authentication plugin is under the community umbrella, the best place to get an answer is in the GitHub issues.

Regards

9

No one answered my Question: Its not more than Ping Pong

10

https://developercommunity.visualstudio.com/content/problem/896216/sonarqube-integration-with-saml.html

11

Hello ,

I am facing the same issue now. Did you find the solution ?

12

I’m facing same issue. Auth success from AAD side and when redirect back to sonar I’m getting following error.

UI : You’re not authorized to access this page. Please contact the administrator. Reason: Cookie ‘OAUTHSTATE’ is missing

Logs : [c.o.saml2.Auth] processResponse error.SAML Response not found, Only supported HTTP_POST Binding
[o.s.s.a.AuthenticationError] Fail to callback authentication with ‘saml’
Caused by: com.onelogin.saml2.exception.Error: SAML Response not found, Only supported HTTP_POST Binding

When I Enable debug : I can see following in logs

SAMLResponse validated
SAMLResponse has NameID
SAMLResponse has NameID Format
SAMLResponse has attributes
processResponse success
login failure [cause|Cookie ‘OAUTHSTATE’ is missing][method|OAUTH2][provider|EXTERNAL|SAML][IP|127.0.0.1|10.64.6.251][login|]

13

Hi @Waseem_Bukhari , i am also facing similar issue integrating Sonar with AAD . Please let me know if you have any resolution for this issue .

14

I had a similar issue. It’s due to the same email IDs being used in Azure AD & SonarQube.
I have deleted the users from SonarQube and was successfully able to log in without any issues.
Screenshot 2022-09-02 at 10.10.18 AM

1 Like