Azure AD 与 sonarqube 的集成 [英] Azure AD integration with sonarqube
问题描述
我正在使用 nginx 反向代理在 https 上运行 sonarqube.
I am running sonarqube on https by using nginx reverse proxy.
这是我的 nginx 反向代理配置.
This is my nginx reverse proxy config.
server{
server_name sonarqube.mydomain.co.in;
access_log /var/log/nginx/sonar.access.log;
error_log /var/log/nginx/sonar.error.log;
proxy_buffers 16 64k;
proxy_buffer_size 128k;
location / {
proxy_pass http://127.0.0.1:9000;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-Proto https;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/sonarqube.mydomain.co.in/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/sonarqube.mydomain.co.in/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
if ($host = sonarqube.mydomain.co.in) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name sonarqube.mydomain.co.in;
return 404; # managed by Certbot
}
我从 Azure AD 的库中添加了声纳.之后,我在我的 AZURE SSO 中选择了 SAML.在我的回复 url 中,我配置了 https://sonarqube.mydomain.co.in/oauth2/callback/saml 和我的登录网址 https:///sonarqube.mydomain.co.in.我已将 azure AD 的相关字段配置到我的 sonarqube 插件.
I have added sonarqube from the gallery in Azure AD. After that I selected SAML in my AZURE SSO.In my reply url I have configured https://sonarqube.mydomain.co.in/oauth2/callback/saml and in my signin url https://sonarqube.mydomain.co.in. I have configured the relative fields from azure AD to my sonarqube plugin.
现在,当我尝试在我的 sonarqube 中通过 SAML 登录时,出现此错误
Now when I try to login through SAML in my sonarqube I get this error
You're not authorized to access this page. Please contact the administrator.
Reason: The response was received at http://sonarqube.mydomain.co.in/oauth2/callback/saml instead of https://sonarqube.mydomain.co.in/oauth2/callback/saml
这是因为我的 nginx 反向代理配置吗?我怎样才能解决这个问题?任何帮助将不胜感激
Is this because of my nginx reverse proxy config? How can I fix this? Any help would be appreciated
推荐答案
• 根据配置反向代理的sonarqube文档,应该配置为在每个http请求头中设置值'X_FORWARDED_PROTO: https'.如果没有此属性,SonarQube 服务器发起的重定向将回退到 HTTP.在您的代码中,您错误地指定将请求从 HTTP 重定向到 HTTPS.您尚未在位置"参数下指定要返回到服务器"类下的任何位置.正确的脚本格式应该如下:-
• According to the sonarqube documentation for configuring reverse proxy, it should be configured to set the value ‘X_FORWARDED_PROTO: https’ in each http request header. Without this property, redirection initiated by the SonarQube server will fall back on HTTP. In your code, you have incorrectly specified to redirect the requests from HTTP to HTTPS. You have not specified any location under ‘location’ parameter to return to under the ‘server’ class. The correct script format should be as below: -
‘ server {
listen 80;
server_name sonarqube.mydomain.co.in;
if ($host = sonarqube.mydomain.co.in)
location /
return 301 https://$host$request_uri;
}
} ‘
另外,请删除代码中传递的proxy_redirect off"参数,该参数阻止通过 nginx 代理的重定向请求,并删除proxy_set_header X-Forwarded-Proto http"参数.而不是proxy_set_header X-Forwarded-Proto https",你可以传递一个像$redirect"这样的变量,并如下定义变量,以确保所有请求都到达HTTPS端口:-
Also, please remove the ‘proxy_redirect off’ parameter passed in your code which holds back the redirection requests through the nginx proxy and remove the ‘proxy_set_header X-Forwarded-Proto http’ parameter also. And instead of ‘proxy_set_header X-Forwarded-Proto https’, you can pass a variable like ‘$redirect’ and define the variable as below to ensure all requests reach on HTTPS port: -
if ($scheme != "https") {
return 301 https://$host$request_uri permanent;
}
这篇关于Azure AD 与 sonarqube 的集成的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
