When trying to follow the directions to configure Keycloak SAML 2.0 as the authentication for Structurizr, using the pre-built docker image (3140 or later) no redirect occurs to the SSO login; instead, an exception is thrown. I had to find the exception in tomcat/logs/localhost.<date>.log file as it did not appear in log output on screen.
The thrown exception:
org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [root] in context with path [] threw exception [org.opensaml.ws.message.encoder.MessageEncodingException: Error creating output document] with root cause
java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1412)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1220)
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Unknown Source)
at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
...
...
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Unknown Source)
Description
When trying to follow the directions to configure Keycloak SAML 2.0 as the authentication for Structurizr, using the pre-built docker image (3140 or later) no redirect occurs to the SSO login; instead, an exception is thrown. I had to find the exception in
tomcat/logs/localhost.<date>.log
file as it did not appear in log output on screen.The thrown exception:
Reverting to docker tag 3138 fixes the issue.
This seems maybe related to this https://github.com/ESAPI/esapi-java-legacy/issues/695
Steps to reproduce
Follow the Structurizr SAML 2.0 Keycloak setup guide verbatim using
structurizr/onpremises:3140
or laterScreenshot
No response
Code sample
No response
Configuration
No response
Severity
Major
Priority
High
Resolution
I have no budget and there's no rush, please fix this for free
More information
No response