sonarqube analysis requires authentication when permission is anyone

Question

sonarqube 5.5 several Java projects, all have permission set to anyone can execute analysis. use mvn sonar:sonar to run analysis Other projects work fine without error. One project was found to not have the permission set. It was giving:

Not authorized. Analyzing this project requires to be authenticated. Please provide the values of the properties sonar.login and sonar.password.

Setting the permission does not fix it. This project continues to give this error.

Steps taken:

• Permission is being set on the Project Permissions page, adding Anyone group to EXECUTE ANALYSIS permission. Users 0, groups 1

• toggle permission off then on again.

• restart server.
• remove local sonar/cache

There are two projects with the same name but different keys. QA version and Release.

Not sure what to try next.

---

------ short log --- mvn -X follows

[INFO] 
[INFO] --- sonar-maven-plugin:3.0.2:sonar (default-cli) @ adminportal-api ---
[INFO] User cache: /Users/kenhargreaves/.sonar/cache
[INFO] Load global repositories
[INFO] Load global repositories (done) | time=265ms
[INFO] User cache: /Users/kenhargreaves/.sonar/cache
[INFO] Exclude plugins: devcockpit, buildstability, pdfreport, report, scmstats, buildbreaker, views, jira
[INFO] Load plugins index
[INFO] Load plugins index (done) | time=16ms
[INFO] SonarQube version: 5.5
[INFO] Default locale: "en_US", source code encoding: "UTF-8"
[INFO] -- Cache for project [com.fusemail:adminportal-api] not found, synchronizing data..
[INFO] Load rules
[INFO] Load rules (done) | time=244ms
[INFO] Load project settings
[INFO] Load project settings (done) | time=182ms
[INFO] Load project quality profiles
[INFO] Load project quality profiles (done) | time=59ms
[INFO] Load project active rules
[INFO] Load project active rules (done) | time=888ms
[INFO] Load server issues
[INFO] Load server issues (done) | time=844ms
[INFO] Load user information
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 8.221 s
[INFO] Finished at: 2016-07-22T11:39:38-07:00
[INFO] Final Memory: 65M/470M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2:sonar (default-cli) on project adminportal-api: Not authorized. Analyzing this project requires to be authenticated. Please provide the values of the properties sonar.login and sonar.password. -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 

-----------------
INFO] Default locale: "en_US", source code encoding: "UTF-8"
[DEBUG] Work directory: /Users/kenhargreaves/Documents/workspace/fm-api-portalapi/target/sonar
[DEBUG] Execution getVersion
[DEBUG] Execution execute
[DEBUG] cache: /Users/kenhargreaves/.sonar/ws_cache/http%3A%2F%2Fsonarqube.electric.net/5.5/projects/com.fusemail%3Aadminportal-api
[INFO] -- Cache for project [com.fusemail:adminportal-api] not found, synchronizing data..
[INFO] Load rules
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/list.protobuf | time=100ms
[INFO] Load rules (done) | time=176ms
[INFO] Load project settings
[DEBUG] GET 200 http://sonarqube.electric.net/batch/project.protobuf?key=com.fusemail%3Aadminportal-api&issues_mode=true | time=53ms
[INFO] Load project settings (done) | time=158ms
[INFO] Load project quality profiles
[DEBUG] GET 200 http://sonarqube.electric.net/api/qualityprofiles/search.protobuf?projectKey=com.fusemail%3Aadminportal-api | time=41ms
[INFO] Load project quality profiles (done) | time=53ms
[INFO] Load project active rules
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=c-sonar-way-50322&p=1&ps=500 | time=128ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=cpp-sonar-way-23842&p=1&ps=500 | time=160ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=java-sonar-03590&p=1&ps=500 | time=64ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=js-sonar-way-84357&p=1&ps=500 | time=103ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=objc-sonar-way-52782&p=1&ps=500 | time=123ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=py-sonar-way-75611&p=1&ps=500 | time=69ms
[INFO] Load project active rules (done) | time=728ms
[INFO] Load server issues
[DEBUG] GET 200 http://sonarqube.electric.net/batch/issues.protobuf?key=com.fusemail%3Aadminportal-api | time=333ms
[INFO] Load server issues (done) | time=524ms
[INFO] Load user information
[DEBUG] GET 401 http://sonarqube.electric.net/batch/users?logins=axxx.mxxxx | time=31ms
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 8.647 s
[INFO] Finished at: 2016-07-22T11:42:01-07:00
[INFO] Final Memory: 66M/467M

The user we see there did have an account in the sonarqube server, I did remove him to see what happens.

Answer 1

The answer is more easy. Go to sonarqube web page, then go to administration, after that go to security and disable " Force User Authentication". Good luck!

Answer 2

Are you forcing authentication in SonarQube?

If this is the case, you basically need to:

1. Generate a token for the user-account in SonarQube
2. Expose the token in an environment variable, say SONAR_TOKEN as below:
   export SONAR_TOKEN="<your_token>" (bash/GitBash)
   SET SONAR_TOKEN="<your_token>" (bat/Windows)
3. Use the token in you maven command like:
   mvn ... sonar:sonar -Dsonar.login=$SONAR_TOKEN (bash/GitBash)
   mvn ... sonar:sonar -Dsonar.login=%SONAR_TOKEN% (bat/Windows)

This is extensively discussed at Sonarqube authorization - how to authorize with sonar-maven-plugin when sonar.forceAuthentication is enabled.

Answer 3

While trying sonar-scanner with the latest sonerQube I got the following error

ERROR: Not authorized. Analyzing this project requires to be authenticated. Please provide the values of the properties sonar.login and sonar.password.

The solution to this is to add sonar.login and sonar.password properties in the Project root configuration file. You can find its path during run of your sonar-scanner

INFO: Scanner configuration file: /Users//.sonar/native-sonar-scanner/sonar-scanner-4.4.0.2170-macosx/conf/sonar-scanner.properties

Update this file with following properties sonar.login= sonar.password=

Try again, you should get your issue resolved.

Answer 4

I had this same issue and could fix it

moving the SonarQube configuration from module build.gradle to app build.gradle.

sonarqube {
    properties {
        property "sonar.host.url", System.getenv("SONAR_URL_KEY")
        property "sonar.login", System.getenv("SONAR_LOGIN_KEY")
        ...
    }
}

Answer 5

If you are getting this error with the new version of sonarqube.

You need to follow below steps.

1. Go to Administration.
2. Then click on Configuration.
3. Go to Security.
4. Scroll down to the end and click on Force user authentication.

Now disable it and click on save.

You will not be getting this error any more now.