Force auto redirect to the identity provider login page

Question

Force auto redirect to the identity provider login page

olivier-jobert opened this issue 4 years ago · 1 comments

Hello,

do you plan to add a feature to force auto redirect to the identity provider login page instead of showing the default SonarQube login page (where Log in with OpenID button is displayed when your plugin is activated) ?

For the moment, I use the sonar.forceAuthentication option to force redirect non logged user to the SonarQube login page but I would be able to had a parameter that allow to force redirect to login page of a chosen IdP.

Thanks

Answer 1 · 2021-08-22T14:57:45.000Z

The new Auto-Login servlet only works in combination with "Force user authentication" (property sonar.forceAuthentication). The Servlet redirects from SonarQube's login page automatically to the identity provider's login page. If Auto-Login is enabled then no logout from SonarQube is possible anymore. This is because SQ's logout redirects to the login page which triggers Auto-Login.

To manually login (e.g. as an administrator) Auto-login can be temporarily disabled by using the URL <sonarServerBaseURL>/?auto-login=false in a new browser session (without cookie from previous SonarQube login).