Due to an internal change with SonarQube v2024/2025 and the underlying identity provider mechanism, the current CAS plugin does no longer work reliable. Instead the CAS plugin must be switched to a Auth proxy that translates each request to SonarQube by checking with CAS and adding HTTP header fields to an opaque SonarQube URL.