skip to Main Content

SonarQube on windows, running on http://localhost/9000.

I’m setting up NGINX to use as a reverse proxy and serve on https://localip.com.

I’m getting the following EE when trying to connect to SonarQube

You’re not authorized to access this page. Please contact the administrator. Reason: The response was received at http://localhost:9000/oauth2/callback/saml instead of https://localip.com/oauth2/callback/saml

I’m guessing I need to instruct NGINX to rewrite the callback, how do I do it?

3

Answers


  1. I have same issue, but i run Apache server , and my proxy configuration is as follow:

      ## Proxy rules
      ProxyRequests Off
      ProxyPreserveHost On
      ProxyPass / http://127.0.0.1:9000/
      ProxyPassReverse / http://127.0.0.1:9000/
      RequestHeader set X-Forwarded-Proto "https"
      RequestHeader set X-Forwarded-Port "443"
    

    what solve issue is adding :

      RequestHeader set X-Forwarded-Proto "https"
      RequestHeader set X-Forwarded-Port "443"
    
    Login or Signup to reply.
  2. You don’t show a sample config, but I recently hit the same issue as you when setting up SonarQube 9 behind an nginx reverse proxy w/ SAML.

    You’re not authorized to access this page. Please contact the administrator. Reason: The response was received at http://localhost:9000/oauth2/callback/saml instead of https://localip.com/oauth2/callback/saml

    The most likely fix for this is to add these 2 lines to your server proxypass section in your nginx proxy config:

    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Host $host;
    

    Sonarsource had a post about this for IIS reverse proxies, where they indicate 2 important things:

    1. That HTTP_X_FORWARDED_PROTO is set to https
    2. That host headers are preserved

    The lines in my above code snippet handle the NGINX equivalents for #1 and #2 in that order.

    Their Operating the Server page also gives this sample config:

    # the server directive is Nginx's virtual host directive
    server { 
     # port to listen on. Can also be set to an IP:PORT 
     listen 443 ssl;
     ssl_certificate ${path_to_your_certificate_file}
     ssl_certificate_key ${path_to_your_certificate_key_file}
     location / {
       proxy_pass ${address_of_your_sonarqube_instance_behind_proxy}
       proxy_set_header Host $host;
       proxy_set_header X-Forwarded-For $remote_addr;
       proxy_set_header X-Forwarded-Proto https;
     }
    }
    

    Based on your error message, the proxy_pass line will most likely something like proxy_pass http://localhost:9000. That’s how I set mine up as well.

    Login or Signup to reply.
  3. Just go to https://{sonarqube_domain}/admin/settings and make sure Server base URL is set to https://{sonarqube_domain}

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search