structurizr / onpremises

Structurizr on-premises installation
https://docs.structurizr.com/onpremises
MIT License
140 stars 54 forks

SAML-based SSO broken in newest docker image(s) #66

Closed thezanke closed 1 year ago

thezanke commented 1 year ago

Description

When trying to follow the directions to configure Keycloak SAML 2.0 as the authentication for Structurizr using the pre-built docker image (3140 or later), no redirect occurs to the SSO login; instead, an exception is thrown. I had to find the exception in the tomcat/logs/localhost.<date>.log file, as it did not appear in the log output on screen.

The thrown exception:

org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [root] in context with path [] threw exception [org.opensaml.ws.message.encoder.MessageEncodingException: Error creating output document] with root cause
    java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1412)
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1220)
        at java.base/java.lang.Class.forName0(Native Method)
        at java.base/java.lang.Class.forName(Unknown Source)
        at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
        at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
        at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
        at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
        ...
        ...
        org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Unknown Source)

Reverting to docker tag 3138 fixes the issue.

This seems maybe related to this: https://github.com/ESAPI/esapi-java-legacy/issues/695

Steps to reproduce

Follow the Structurizr SAML 2.0 Keycloak setup guide verbatim using structurizr/onpremises:3140 or later

Screenshot

No response

Code sample

No response

Configuration

No response

Severity

Major

Priority

High

Resolution

I have no budget and there's no rush, please fix this for free

More information

No response
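
A diagnostic for the failure reported above, added here as an example and not taken from the issue or from the Structurizr project: it pulls the root-cause class out of a Tomcat localhost log and lists which jars in a directory actually ship that class. The log path and the jar directory (for example the web application's library folder) are assumptions supplied by the caller, and the sample log lines are constructed to match the shape of the quoted trace.

```python
import re
import sys
import zipfile
from pathlib import Path

# Constructed sample, shaped like the trace quoted in the issue.
SAMPLE_LOG = (
    "org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [root] "
    "in context with path [] threw exception [...] with root cause\n"
    "    java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory\n"
    "        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1412)\n"
)

# Tomcat prints the root cause on the line after "with root cause".
ROOT_CAUSE = re.compile(
    r"with root cause\s+java\.lang\.(?:ClassNotFoundException|NoClassDefFoundError): ([\w.$/]+)"
)

def missing_classes(log_text):
    """Class names reported as root-cause loading failures, in order, de-duplicated."""
    seen = []
    for name in ROOT_CAUSE.findall(log_text):
        name = name.replace("/", ".")  # NoClassDefFoundError uses slash-separated names
        if name not in seen:
            seen.append(name)
    return seen

def jars_providing(class_name, lib_dir):
    """Names of the jars directly under lib_dir that contain class_name."""
    entry = class_name.replace(".", "/") + ".class"
    hits = []
    for jar in sorted(Path(lib_dir).glob("*.jar")):
        try:
            with zipfile.ZipFile(jar) as zf:
                if entry in zf.namelist():
                    hits.append(jar.name)
        except zipfile.BadZipFile:
            continue  # truncated or non-zip file: it cannot provide the class
    return hits

def diagnose(log_text, lib_dir):
    """Map each missing class to the jars that provide it (empty list: none do)."""
    return {cls: jars_providing(cls, lib_dir) for cls in missing_classes(log_text)}

if __name__ == "__main__":
    # Usage (both paths are assumptions): script.py <localhost log> <directory of jars>
    text = Path(sys.argv[1]).read_text(errors="replace") if len(sys.argv) > 1 else SAMPLE_LOG
    lib_dir = sys.argv[2] if len(sys.argv) > 2 else "."
    for cls, jars in diagnose(text, lib_dir).items():
        print(cls, "->", ", ".join(jars) if jars else "not found in any jar")
```

An empty result for a class means no jar in that directory ships it, which is consistent with a dependency whose version changed between image tags; comparing the output for a working and a failing tag narrows down which library moved.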