• आप किन संस्करणों का उपयोग कर रहे हैं (सोनारक्यूब, स्कैनर, प्लगइन, और कोई भी प्रासंगिक एक्सटेंशन)

    • सोनारक्यूब: 8.2 समुदाय, https://10.92.6.200/
    • के रूप में काम करता है
    • Gitlab: GitLab समुदाय संस्करण [12.9.0], https://10.225.96.06/< के रूप में काम करता है /ली>
  • आप क्या हासिल करने का प्रयास कर रहे हैं

    मैं Gitlab SSO को सोनारक्वे प्रमाणीकरण सौंपने का प्रयास करता हूं।

  • इसे हासिल करने के लिए आपने अब तक क्या प्रयास किया है?

    मैं सोनारक्यूब नामक एक गिटलैब एप्लिकेशन बनाता हूं, और कॉलबैक यूआरएल https://10.92.6.200/oauth2/callback/gitlab, अनुदान read_user और api स्कोप सेट करता हूं: यहां छवि विवरण दर्ज करें

    फिर सोनारक्यूब एएलएम इंटीग्रेशन को गिटलैब के साथ कॉन्फ़िगर करें, उपयोगकर्ता प्रमाणीकरण को मजबूर करें, सर्वर बेस यूआरएल को https://10.92.6.200 पर सेट करें, ताकि मैं इसे सोनारक्वे लॉगिन पेज में देख सकूं: यहां छवि विवरण दर्ज करें

    जब मैं Log in with Gitlab पर क्लिक करता हूं, तो मुझे यह मिलता है: यहां छवि विवरण दर्ज करें सोनारक्वे वेब लॉग शो:

    2020.04.14 03:30:13 WARN  web[AXFzahyz3CdktahgAAf0][o.s.s.a.AuthenticationError] Fail to callback authentication with 'gitlab'
    java.lang.IllegalStateException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at org.sonar.auth.gitlab.GitLabIdentityProvider.callback(GitLabIdentityProvider.java:104)
            at org.sonar.server.authentication.OAuth2CallbackFilter.handleOAuth2Provider(OAuth2CallbackFilter.java:98)
            at org.sonar.server.authentication.OAuth2CallbackFilter.handleProvider(OAuth2CallbackFilter.java:77)
            at org.sonar.server.authentication.OAuth2CallbackFilter.doFilter(OAuth2CallbackFilter.java:70)
            at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:139)
            at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:108)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:88)
            at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:72)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76)
            at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:58)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
            at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
            at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
            at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)
            at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
            at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)
            at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
            at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
            at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
            at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
            at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
            at java.base/java.lang.Thread.run(Unknown Source)
    Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
            at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
            at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
            at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
            at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
            at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
            at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
            at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
            at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
            at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
            at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
            at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
            at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
            at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
            at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
            at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
            at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
            at java.base/sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(Unknown Source)
            at java.base/sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
            at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
            at com.github.scribejava.core.httpclient.jdk.JDKHttpClient.prepareConnectionForBodyAndGetOutputStream(JDKHttpClient.java:269)
            at com.github.scribejava.core.httpclient.jdk.JDKHttpClient.addBody(JDKHttpClient.java:195)
            at com.github.scribejava.core.httpclient.jdk.JDKHttpClient.access$100(JDKHttpClient.java:26)
            at com.github.scribejava.core.httpclient.jdk.JDKHttpClient$BodyType$1.setBody(JDKHttpClient.java:147)
            at com.github.scribejava.core.httpclient.jdk.JDKHttpClient.doExecute(JDKHttpClient.java:129)
            at com.github.scribejava.core.httpclient.jdk.JDKHttpClient.execute(JDKHttpClient.java:95)
            at com.github.scribejava.core.oauth.OAuthService.execute(OAuthService.java:114)
            at com.github.scribejava.core.oauth.OAuth20Service.sendAccessTokenRequestSync(OAuth20Service.java:46)
            at com.github.scribejava.core.oauth.OAuth20Service.getAccessToken(OAuth20Service.java:97)
            at com.github.scribejava.core.oauth.OAuth20Service.getAccessToken(OAuth20Service.java:92)
            at org.sonar.auth.gitlab.GitLabIdentityProvider.onCallback(GitLabIdentityProvider.java:115)
            at org.sonar.auth.gitlab.GitLabIdentityProvider.callback(GitLabIdentityProvider.java:102)
            ... 47 common frames omitted
    Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
            at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
            at java.base/sun.security.validator.Validator.validate(Unknown Source)
            at java.base/sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
            at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
            at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
            ... 75 common frames omitted
    Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
            at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
            at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
            ... 81 common frames omitted
    

क्या कोई मेरी मदद कर सकता है, मैं बहुत आभारी रहूंगा।

2
Libraco 14 अप्रैल 2020, 06:55

1 उत्तर

सबसे बढ़िया उत्तर

प्रासंगिक त्रुटि है

PKIX path building failed:    
  sun.security.provider.certpath.SunCertPathBuilderException: 
  unable to find valid certification path to requested targe

यह एक जावा एप्लिकेशन (यहां सोनार) के लिए विशिष्ट है, जिसके कीस्टोर में उचित प्रमाणपत्र (GitLab द्वारा आवश्यक) नहीं है।

आप GitLab सर्वर प्रमाणपत्र प्राप्त करने के लिए openssl का उपयोग कर सकते हैं

फिर आप इसे जावा कीस्टोर में जोड़ सकते हैं (जावा सोनार को चलाता था)

2
VonC 14 अप्रैल 2020, 05:31