Authenticate sonar via web-based login

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Configure sonar server
2. 'Get issues from Server...'
3. Load Project List

What is the expected output? What do you see instead?
A list of projects should be displayed

What version of the product are you using? On what operating system?
2.1

Please provide any additional information below.
I think the problem ist the authentication. In the browser we need to 
authenticate ourselves via a web-based from that is shown when I go to 
https://sonarserver.company.com

It shows:

Login:     [                 ]
Password : [              ]
[] Remember on my computer
[Login] Cancel

This might be a sonarqube plugin that is activated and seems to work via LDAP 
since you have to login with your personal account.

The form behind this uses <input name='login'..> and <input 
name='password'...>. Maybe you could extend authentication to use a POST 
request to authenticate in order to make it work...

Original issue reported on code.google.com by thomas.z...@gmail.com on 20 Oct 2014 at 9:33

[GoogleCodeExporter]

When I choose "Get issues from Server..." I got this exception:

sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
    at sun.security.validator.Validator.validate(Validator.java:260)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1351)
Caused: javax.net.ssl.SSLHandshakeException
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1917)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:301)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:295)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1369)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:156)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:925)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:860)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1043)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1343)
    at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:728)
    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManager.java:1565)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
    at org.sonar.wsclient.connectors.HttpClient3Connector.executeRequest(HttpClient3Connector.java:102)
Caused: org.sonar.wsclient.connectors.ConnectionException: Query: 
org.apache.commons.httpclient.methods.GetMethod@3b83f06c
    at org.sonar.wsclient.connectors.HttpClient3Connector.executeRequest(HttpClient3Connector.java:115)
    at org.sonar.wsclient.connectors.HttpClient3Connector.execute(HttpClient3Connector.java:81)
    at org.sonar.wsclient.Sonar.findAll(Sonar.java:63)
    at qubexplorer.server.SonarQube.getProjectsKeys(SonarQube.java:204)
    at qubexplorer.server.SonarQube.existsProject(SonarQube.java:247)
    at qubexplorer.server.SonarQube.getSummary(SonarQube.java:262)
    at qubexplorer.ui.SummaryTask.execute(SummaryTask.java:28)
    at qubexplorer.ui.SummaryTask.execute(SummaryTask.java:16)
    at qubexplorer.ui.task.TaskExecutor$TaskWorker.doInBackground(TaskExecutor.java:61)
    at javax.swing.SwingWorker$1.call(SwingWorker.java:295)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at javax.swing.SwingWorker.run(SwingWorker.java:334)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[catch] at java.lang.Thread.run(Thread.java:745)


Our URL looks like: https://sonar.company.com it's only available inside the 
intranet without authentication.

Original comment by c...@spreadshirt.net on 20 Oct 2014 at 12:06