Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-7115

Not possible to retrieve system status when forced authentication is enabled

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.2
    • Fix Version/s: 5.4
    • Component/s: Web API
    • Labels:

      Description

      When forced authentication is enabled, a database migration is in progress and you are not logged in, it's impossible to get system status, i.e. see maintenance/setup pages. All WS calls to /api/system/status and /api/system/db_migration_status fail with 401 Unauthorized error.

        Activity

        Hide
        ann.campbell.2 Ann Campbell added a comment -

        tested both uri's, logged in and anonymous.

        Looks good

        Show
        ann.campbell.2 Ann Campbell added a comment - tested both uri's, logged in and anonymous. Looks good
        Hide
        mmajcica Mario Majcica added a comment -

        During the upgrade from 5.3 to 5.4 I again faced this problem. DB upgrade won't start with the standard error message "An error happened, some parts of the page might not render correctly. Please contact the administrator if you keep on experiencing this error.".

        After commenting out sonar.forceAuthentication=true the upgrade went well. I'm using the latest version of LDAP plugin 1.5.1.

        Show
        mmajcica Mario Majcica added a comment - During the upgrade from 5.3 to 5.4 I again faced this problem. DB upgrade won't start with the standard error message "An error happened, some parts of the page might not render correctly. Please contact the administrator if you keep on experiencing this error.". After commenting out sonar.forceAuthentication=true the upgrade went well. I'm using the latest version of LDAP plugin 1.5.1.
        Hide
        nicolas.bontoux Nicolas Bontoux added a comment -

        Mario Majcica (and others who might hit this issue): indeed it is still not possible to perform a DB upgrade when sonar.forceAuthentication=true in sonar.properties. Note that setting this property in the config file is actually unreliable and the proper solution to this is to remove sonar.forceAuthentication from sonar.properties altogether and set it in the admin UI instead (under General Settings - Security). That way it will be properly managed in database (including through upgrades) and you do not have to manually maintain it in the config file.

        Show
        nicolas.bontoux Nicolas Bontoux added a comment - Mario Majcica (and others who might hit this issue): indeed it is still not possible to perform a DB upgrade when sonar.forceAuthentication=true in sonar.properties . Note that setting this property in the config file is actually unreliable and the proper solution to this is to remove sonar.forceAuthentication from sonar.properties altogether and set it in the admin UI instead (under General Settings - Security). That way it will be properly managed in database (including through upgrades) and you do not have to manually maintain it in the config file.
        Hide
        mmajcica Mario Majcica added a comment -

        Nicolas Bontoux thank you. This is a top tip. I now also documented it in my blog post about installation and configuration of SonarQube at http://blog.majcica.com/2016/04/28/sonarqube-on-windows-and-ms-sql/.

        Thanks

        Show
        mmajcica Mario Majcica added a comment - Nicolas Bontoux thank you. This is a top tip. I now also documented it in my blog post about installation and configuration of SonarQube at http://blog.majcica.com/2016/04/28/sonarqube-on-windows-and-ms-sql/ . Thanks

          People

          • Assignee:
            teryk.bellahsene Teryk Bellahsene
            Reporter:
            stas.vilchik Stas Vilchik
          • Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

            • Due:
              Created:
              Updated:
              Resolved: