Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-9740

Add system passcode authentication to api/system/health

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.6-M3, 6.6
    • Component/s: Web API
    • Labels:

      Description

      SysAdmin passcode authentication is based on property sonar.web.systemPasscode.

      When SQ server is starting, authentication stack is not yet available but access to WS api/system/health must still be protected.
      Also, providing the SysAdmin passcode will allow calling WS api/system/health without root permissions.

      Changes to WS api/system/health:

      • new optional HTTP header X-Sonar-Passcode
      • when SQ is starting, providing HTTP header with the same value as property sonar.web.systemPasscode is required. In case of failure, WS will return a 403 HTTP status
      • when SQ is started, if HTTP header is provided, its value must be the same as property sonar.web.systemPasscode otherwise a 403 HTTP status is returned. If an incorrect value or no value is provided, then authentication based on permissions applies and root permission is required.

        Attachments

        1. web.log
          82 kB
          Christophe Levis

          Issue Links

            Activity

              People

              Assignee:
              simon.brandhof Simon Brandhof (Inactive)
              Reporter:
              sebastien.lesaint Sebastien Lesaint
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: