SAML-based SSO broken in newest docker image(s) #66

Closed
thezanke opened this issue Sep 26, 2023 · 0 comments
Labels
bug Something isn't working


thezanke commented Sep 26, 2023

Description

When trying to follow the directions to configure Keycloak SAML 2.0 as the authentication for Structurizr, using the pre-built docker image (3140 or later) no redirect occurs to the SSO login; instead, an exception is thrown. I had to find the exception in tomcat/logs/localhost.<date>.log file as it did not appear in log output on screen.

The thrown exception:

org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [root] in context with path [] threw exception [org.opensaml.ws.message.encoder.MessageEncodingException: Error creating output document] with root cause
    java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1412)
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1220)
        at java.base/java.lang.Class.forName0(Native Method)
        at java.base/java.lang.Class.forName(Unknown Source)
        at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
        at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
        at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
        at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
        ...
        ...
        org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Unknown Source)

Reverting to docker tag 3138 fixes the issue.

This seems maybe related to this ESAPI/esapi-java-legacy#695

Steps to reproduce

Follow the Structurizr SAML 2.0 Keycloak setup guide verbatim using structurizr/onpremises:3140 or later

Screenshot

No response

Code sample

No response

Configuration

No response

Severity

Major

Priority

High

Resolution

I have no budget and there's no rush, please fix this for free

More information

No response

@thezanke thezanke added the bug Something isn't working label Sep 26, 2023
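
A way to catch this failure before deployment, as an added example that is not part of the issue or of Structurizr's code: the stack trace shows ESAPI loading its log factory by class name (`ObjFactory.loadClassByStringName`), so the sketch below compares the class names in an `ESAPI.properties` file against the `.class` entries of the jars on the classpath. It assumes the name comes from the `ESAPI.Logger` entry of `ESAPI.properties`; the properties fragment and jar contents are constructed samples, and where those files sit inside the image is not stated on this page.

```python
import io
import re
import zipfile

# "ESAPI.<Component>=<fully.qualified.Class>" lines, as used in ESAPI.properties.
IMPL_LINE = re.compile(r"^\s*(ESAPI\.\w+)\s*[=:]\s*([\w.$]+)\s*$")

def configured_classes(properties_text):
    """Return {property: class name} for each ESAPI.* implementation entry."""
    found = {}
    for line in properties_text.splitlines():
        if line.lstrip().startswith(("#", "!")):  # properties-file comments
            continue
        m = IMPL_LINE.match(line)
        if m and "." in m.group(2):  # skips booleans and numbers
            found[m.group(1)] = m.group(2)
    return found

def classes_in_jars(jars):
    """Collect class names from jar paths or file-like objects."""
    names = set()
    for jar in jars:
        with zipfile.ZipFile(jar) as zf:
            for entry in zf.namelist():
                if entry.endswith(".class"):
                    names.add(entry[:-len(".class")].replace("/", "."))
    return names

def missing_implementations(properties_text, jars):
    """Return the entries whose configured class is in none of the jars."""
    available = classes_in_jars(jars)
    return {prop: cls for prop, cls in configured_classes(properties_text).items()
            if cls not in available}

def constructed_jar(class_names):
    """Build an in-memory jar with empty .class entries (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in class_names:
            zf.writestr(name.replace(".", "/") + ".class", b"")
    buf.seek(0)
    return buf

# Constructed fragment: the Logger value is the class named in the stack trace.
SAMPLE_PROPERTIES = (
    "# constructed ESAPI.properties fragment\n"
    "ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory\n"
    "ESAPI.Encoder=org.owasp.esapi.reference.DefaultEncoder\n"
)
```

Against a real deployment, pass the text of the webapp's `ESAPI.properties` and the paths of the jars in its `WEB-INF/lib`; a non-empty result names the entries that would raise `ClassNotFoundException` on first use.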