Receiving "Not authorized" error after upgrading to SonarQube 4.2

StackOverflow https://stackoverflow.com/questions/22967527

  •  30-06-2023
  •  | 
  •  

Domanda

When executing the sonar analysis using the Maven Sonar Plugin:

  1. Without any other change, except upgrading from SonarQube 3.7 to 4.2

  2. We receive the following error:

    [ERROR] Failed to execute goal org.codehaus.mojo:sonar-maven-plugin:2.2:sonar (default- cli) on project museum-mobile: Can not execute SonarQube analysis: Not authorized. Please check the properties sonar.login and sonar.password. -> [Help 1]

  3. Our account is still listed as "sonar-administrator", with full access to all Global Permissions: Administer Quality Profiles, Administer System, Execute Analysis, Execute Preview Analysis, Provision Projects, Share Dashboards And Filters

  4. When we run with the default "admin" account we are able to execute the analysis.

Environment:

  • Windows 7 64-bit
  • Java JDK 1.6.0_31 and 1.7.0_25
  • Maven 3.0.5
  • sonar-maven-plugin 2.0 and 2.3

JIRA opened: MSONAR-66

È stato utile?

Soluzione

If you use LDAP users in your Sonar installation, and a non-LDAP user to maven sonar plugin, this may explain the problem:

http://sonarqube.15.x6.nabble.com/cannot-login-to-sonar-using-created-user-and-ldap-td5025428.html http://jira.codehaus.org/browse/SONAR-4543

I fixed the problem editing the sonar.properties like this:

# LDAP
sonar.security.realm=LDAP
sonar.security.localUsers=admin,jenkinsuser
ldap.url=....

Altri suggerimenti

I have sent 3-4 emails stating the problem and issues that we have faced. I have also sent a summary as Jared and David have mentioned.

Answers to the above comments and questions:- Q- From which version did you upgrade ? – Simon Brandhof yesterday -
3.7**

Q-If you upgraded from a version less than 3.7, then the account has probably not the permission "Execute Analysis". See docs.codehaus.org/display/SONAR/… – Simon Brandhof yesterday. - We have that set to Anyone in the Groups. We have also set it to sonar-users/sonar-administrators which means access to all the users in the system.

Q-Or it means that you have activated the force authentication feature. See docs.codehaus.org/display/SONAR/Authentication. – David RACODON - SonarSource yesterday

- sonar.forceAuthentication=true is already set to true. Yes it is correct.
"upgrading from SonarQube 3.7 to 4.2" – David M. Karr yesterday -Right.

Q-I added each of the global permissions above. The upgrade was from 3.7 (working) to 4.2 (not working). We will check the force authentication feature. Is that new to 4.2?

After reading about the feature I am not sure how it would explain why my user in the sonar-administrator group can no longer execute an analysis. – Jared yesterday

- It is set to true but it is needed and we want users to be authenticated.

Thanks,

Jitesh

For whatever reason, version 4.2 has to use the "admin" userid to execute analysis. We were able to work around this bug by doing the following:

  1. Create a new default Administrator User and name it anything you like. We used "sonar_admin".
  2. For the "admin" userid, ensure that it has permissions "Execute Analysis" and if you want it to add new projects to Sonarqube "Provision Projects".
  3. You can change the password of "admin" to whatever you like.
  4. Ensure sonar.login and sonar.password properties are being defined within your build script, and set to the "admin" userid and password.

You just need to add below 2 properties to get it work - sonar.login= sonar.password=

These properties can be added in 2 ways : 1. By setting it in build.xml with sonar target 2. By setting system property using -Dsonar.login=admin -Dsonar.password=password

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top