
onpremises's People

Contributors

francois-travais, rodgerhe, samm-git, simonbrowndotje


onpremises's Issues

Redirect after SAML login loses original URL info

We are using the SAML authentication method with Okta as the provider.

The problem is that we distribute links to ADRs like: https://server.structurizr.org/workspace/4/decisions/*#10
If users click on such a link and are not logged in yet, after successful authentication they are redirected to: https://server.structurizr.org/workspace/4/decisions/*

There is clearly an issue with the '#' symbol. In the network tab you can see a 303 POST call to /saml/SSO. The response has https://server.structurizr.org/workspace/4/decisions/* as its Location header. I suspect this is wrong and the #10 is lost here.
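
An added example for the report above (not part of the original issue and not Structurizr code): a browser never sends the `#...` fragment in the HTTP request, so the server cannot see it or put it back into a `Location` header. The sketch shows what the server receives and one client-side way to carry the fragment across a login round trip. It assumes a same-origin page can run script before and after the identity-provider redirect; `FRAGMENT_KEY`, the function names and the storage flow are hypothetical.

```javascript
// Added example, not Structurizr code. FRAGMENT_KEY and the storage-based
// flow are assumptions made for illustration.
const FRAGMENT_KEY = 'postLoginFragment';
const MAX_FRAGMENT_LENGTH = 256;

// The URL as the server sees it: the browser strips the fragment before
// it builds the HTTP request, so "#10" never reaches /saml/SSO.
function serverVisibleUrl(href) {
  const u = new URL(href);
  u.hash = '';
  return u.href;
}

// Call on a same-origin page before leaving for the identity provider.
// Stores only the fragment plus the URL it belongs to, never a free-form
// redirect target.
function rememberFragment(storage, href) {
  const u = new URL(href);
  if (u.hash.length <= 1 || u.hash.length > MAX_FRAGMENT_LENGTH) return false;
  storage.setItem(
    FRAGMENT_KEY,
    JSON.stringify({ target: serverVisibleUrl(href), hash: u.hash })
  );
  return true;
}

// Call on the page the user lands on after login. The fragment is
// re-attached only when the landing URL is exactly the one it was saved
// for, so a stale or tampered entry cannot steer the user elsewhere.
function restoreFragment(storage, landedHref) {
  const raw = storage.getItem(FRAGMENT_KEY);
  storage.removeItem(FRAGMENT_KEY); // one-shot: never reuse a saved entry
  if (raw === null) return landedHref;

  let saved;
  try {
    saved = JSON.parse(raw);
  } catch (e) {
    return landedHref;
  }
  if (!saved || typeof saved.target !== 'string' || typeof saved.hash !== 'string') {
    return landedHref;
  }
  if (!saved.hash.startsWith('#') || saved.hash.length > MAX_FRAGMENT_LENGTH) {
    return landedHref;
  }

  const landed = new URL(landedHref);
  if (landed.hash !== '') return landedHref; // keep a fragment that is already there
  if (serverVisibleUrl(landedHref) !== saved.target) return landedHref;

  landed.hash = saved.hash;
  return landed.href;
}

// Minimal stand-in for window.sessionStorage so the example runs in Node.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
    removeItem: (k) => { m.delete(k); },
  };
}
```

In a browser, `window.sessionStorage` would replace `memoryStorage()` and the result of `restoreFragment` would be applied with `history.replaceState`.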

Who to contact for security issues

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@alexeymyasnikov) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

onpremise:latest does not fully conform to SSL in `structurizr.url`

When using a config:

structurizr.url=https://domain.com

Structurizr mostly works. However, when trying to log in, it's 302'ing to an http URL.

I am putting my API gateway in front of Structurizr to repair these broken redirects, but this appears to be a bug where the onpremise software doesn't fully respect structurizr.url.
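
An added example for the report above (not from the issue and not Structurizr code): a check that compares a redirect's `Location` header with the configured public URL and flags an https-to-http downgrade on the same host, returning the corrected target a gateway rewrite would emit. The response heads in the usage are constructed samples, and the function names and paths are hypothetical.

```javascript
// Added example, not Structurizr code. Function names are hypothetical.

// Parse the status code and Location header from a raw HTTP response head.
function parseResponseHead(raw) {
  const [statusLine, ...headerLines] = raw.split(/\r?\n/);
  const m = /^HTTP\/\d(?:\.\d)?\s+(\d{3})/.exec(statusLine);
  if (!m) throw new Error('not an HTTP response head');
  const headers = new Map();
  for (const line of headerLines) {
    if (line === '') break; // blank line ends the header block
    const i = line.indexOf(':');
    if (i > 0) {
      headers.set(line.slice(0, i).trim().toLowerCase(), line.slice(i + 1).trim());
    }
  }
  return { status: Number(m[1]), location: headers.get('location') };
}

// Classify a redirect relative to the public URL (the structurizr.url value).
//   ok               - stays on the public origin
//   scheme-downgrade - same host, but https became http; `location` holds
//                      the repaired https target
//   other-origin     - leaves the public origin (for example the identity
//                      provider); compare against an allow-list separately
function checkRedirect(publicUrl, requestUrl, rawHead) {
  const { status, location } = parseResponseHead(rawHead);
  if (status < 300 || status > 399 || location === undefined) {
    return { verdict: 'not-a-redirect', location: null };
  }
  const pub = new URL(publicUrl);
  const target = new URL(location, requestUrl); // resolves relative Locations
  if (target.origin === pub.origin) {
    return { verdict: 'ok', location: target.href };
  }
  if (
    pub.protocol === 'https:' &&
    target.protocol === 'http:' &&
    target.hostname === pub.hostname
  ) {
    // Rewrite scheme and port only; host, path and query are kept as sent.
    target.protocol = 'https:';
    target.port = pub.port;
    return { verdict: 'scheme-downgrade', location: target.href };
  }
  return { verdict: 'other-origin', location: target.href };
}

// Constructed sample: a login redirect that drops back to http.
const SAMPLE_DOWNGRADE =
  'HTTP/1.1 302 \r\nLocation: http://domain.com/dashboard\r\nContent-Length: 0\r\n\r\n';
```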

Structurizr with Keycloak : Request method 'POST' not supported

Description

Server description

I have Structurizr and Keycloak containers behind an nginx reverse proxy.
I want to authenticate with SAML.

Problem description

When I click on the "Sign In" button in the Structurizr web UI, I am successfully redirected to the Keycloak login page.
After I validate my credentials, I am successfully redirected to https://structurizr.mydomain.fr/saml/SSO.
At this point I get a blank page and I'm stuck on https://structurizr.mydomain.fr/saml/SSO, but I should be redirected to the dashboard as an authenticated user.
I have a 405 error in my console.

And I have this error in structurizr logs : structurizr-structurizr-1 | [WARN ] 2023-08-26 11:32:24.532 [http-nio-8080-exec-3] DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]

Steps to reproduce

  1. Configure keycloak container (v.22.0) following the official documentation https://structurizr.com/public/18571/documentation#overview
  2. Configure structurizr onpremises (v.3130) container for saml following the official documentation https://structurizr.com/public/18571/documentation#overview
  3. Create a Keycloak user and try to connect to Structurizr with that user.

Screenshot

No response

Code sample

No response

Configuration

No response

Severity

Minor

Priority

Low

Resolution

I have no budget, please fix this for free

More information

No response

Add an option to archive workspaces rather than delete them

Description

The workspace folder is deleted when the workspace is deleted, resulting in the workspace ID potentially being recycled. It would be nice to have an option to have workspaces archived rather than deleted to prevent this behaviour.

Priority

High

Resolution

I'm willing to add this feature myself and raise a PR

More information

No response

Embedded diagram in documentation are randomly not rendered due to a SAXParseException

Description

I've created a workspace which includes diagrams and markdown documentation. I've tested locally with Structurizr Lite and the diagrams as well as the documentation are all properly rendered.
Now I want to distribute my work by using the shared link option of the On-prem edition. I have imported my local workspace json and when I click on the documentation link, everything seems to be properly rendered; however, some of the embedded diagrams are just rendered as blank.
By looking at the logs of Tomcat I can see the following error:

org.xml.sax.SAXParseException; Premature end of file.
    at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
    at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
    at java.xml/javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:122)
    at com.structurizr.graphviz.SVGReader.parseAndApplyLayout(SVGReader.java:47)
    at com.structurizr.graphviz.GraphvizAutomaticLayout.apply(GraphvizAutomaticLayout.java:129)
    at com.structurizr.onpremises.web.graphviz.GraphvizController.post(GraphvizController.java:75)
    at jdk.internal.reflect.GeneratedMethodAccessor245.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
    ......

And what is surprising is that it is not always the same diagrams that are rendered as blank. When refreshing the page (F5 under Firefox), the diagrams previously rendered as blank are correctly rendered and at least another one is rendered as blank.

Steps to reproduce

  1. Unzip the file below and open the workspace in Structurizr lite
    ws01.zip

  2. You can check that the diagrams and the embedded diagrams in the documentation are correctly rendered

  3. Import the workspace json file into the On-prem edition

  4. The diagrams are properly rendered

  5. The embedded diagrams are not all properly rendered (some are blank)

  6. Note that the embedded diagrams are all properly rendered when importing the workspace in Structurizr cloud

Screenshot

image

Code sample

No response

Configuration

structurizr lite: 3047

structurizr on-prem: 3052

java: open JDK 17

tomcat: V9

OS: Linux and Windows

Severity

Minor

Priority

Medium

Resolution

I have no budget, please fix this for free

More information

I will also do my best to have a look at the code to see why it is failing and if I can fix it ;-)

javax.net.ssl.SSLHandshakeException when loading Graphviz

Description

I recently upgraded to the latest docker image (3054) of Structurizr on-prem.
However, when I try to change the lay-out of my diagrams, I can't use the diagram editor (https://www.structurizr.com/help/diagram-editor) anymore.
When looking into the docker logs I can see that there is a javax.net.ssl.SSLHandshakeException thrown when trying to load the diagram editor.

My PC is running from behind a proxy (ZScaler); however, editing the diagram layout was working in the previous version.

Steps to reproduce

  1. From the Structurizr home page open any workspace
  2. Click on Diagrams
  3. The icon with the pencil is shown when opening the "Diagrams" page
  4. Icon disappears after loading and changing the layout is not possible anymore.

Screenshot

No response

Code sample

No response

Configuration

No response

Severity

Major

Priority

Medium

Resolution

I have no budget, please fix this for free

More information

2023-05-02 11:42:12 javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-05-02 11:42:12 at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2023-05-02 11:42:12 at org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.executeHandshake(SSLConnectionSocketFactory.java:303)
2023-05-02 11:42:12 at org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275)
2023-05-02 11:42:12 at org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:251)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:181)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:447)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.InternalExecRuntime.connectEndpoint(InternalExecRuntime.java:162)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.InternalExecRuntime.connectEndpoint(InternalExecRuntime.java:172)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ConnectExec.execute(ConnectExec.java:142)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(ProtocolExec.java:192)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.HttpRequestRetryExec.execute(HttpRequestRetryExec.java:96)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ContentCompressionExec.execute(ContentCompressionExec.java:152)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.RedirectExec.execute(RedirectExec.java:115)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.InternalHttpClient.doExecute(InternalHttpClient.java:170)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:123)
2023-05-02 11:42:12 at com.structurizr.view.ThemeUtils.loadThemes(ThemeUtils.java:74)
2023-05-02 11:42:12 at com.structurizr.onpremises.web.graphviz.GraphvizController.post(GraphvizController.java:32)
2023-05-02 11:42:12 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2023-05-02 11:42:12 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2023-05-02 11:42:12 at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2023-05-02 11:42:12 at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2023-05-02 11:42:12 at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
2023-05-02 11:42:12 at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
2023-05-02 11:42:12 at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1071)
2023-05-02 11:42:12 at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:964)
2023-05-02 11:42:12 at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
2023-05-02 11:42:12 at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
2023-05-02 11:42:12 at javax.servlet.http.HttpServlet.service(HttpServlet.java:696)
2023-05-02 11:42:12 at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
2023-05-02 11:42:12 at javax.servlet.http.HttpServlet.service(HttpServlet.java:779)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)
2023-05-02 11:42:12 at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
2023-05-02 11:42:12 at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)
2023-05-02 11:42:12 at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)
2023-05-02 11:42:12 at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
2023-05-02 11:42:12 at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
2023-05-02 11:42:12 at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at com.structurizr.onpremises.web.NoOpSpringSessionRepositoryFilter.doFilter(NoOpSpringSessionRepositoryFilter.java:14)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:177)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
2023-05-02 11:42:12 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
2023-05-02 11:42:12 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
2023-05-02 11:42:12 at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
2023-05-02 11:42:12 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
2023-05-02 11:42:12 at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
2023-05-02 11:42:12 at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
2023-05-02 11:42:12 at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:891)
2023-05-02 11:42:12 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1784)
2023-05-02 11:42:12 at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2023-05-02 11:42:12 at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
2023-05-02 11:42:12 at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
2023-05-02 11:42:12 at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
2023-05-02 11:42:12 at java.base/java.lang.Thread.run(Unknown Source)
2023-05-02 11:42:12 Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-05-02 11:42:12 at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.validator.Validator.validate(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
2023-05-02 11:42:12 ... 128 more
2023-05-02 11:42:12 Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-05-02 11:42:12 at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
2023-05-02 11:42:12 at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
2023-05-02 11:42:12 ... 133 more

Configuration and data directory issue

Description

I am struggling to run the on-premises version of the application in our Kubernetes stack, because the properties file is nested in the data directory.

I want to manage the config via configmap, and mount it to a filepath. And my data directory to be a volume mount. But you cannot mount a config map to disk over a volume mount.

Something simple to fix this would be to provide a way to point to the properties file outside of the data directory. Or alternatively, make all options available via ENV variable.

Steps to reproduce

Use both a volume mount and configmap.

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus-diagrams
  namespace: {{ .Values.namespace}}
spec:
  selector:
    matchLabels:
      run: nexus-diagrams
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        run: nexus-diagrams
    spec:
      containers:
        - name: nexus-diagrams
          image: structurizr/onpremises:3130
          imagePullPolicy: Always
          ports:
            - containerPort: 8080
          # readinessProbe:
          #   httpGet:
          #     path: /
          #     port: 8080
          #   initialDelaySeconds: 5
          #   periodSeconds: 10
          # livenessProbe:
          #   httpGet:
          #     path: /
          #     port: 8080
          #   initialDelaySeconds: 10
          #   periodSeconds: 20
          command: 
            - tail
            - -f
            - /dev/null
          resources:
            limits:
              memory: 1Gi
            requests:
              memory: 512Mi
          env:
            - name: STRUCTURIZR_DATA_DIRECTORY
              value: "/data"
          volumeMounts:
            - name: diagrams-storage-volume
              mountPath: "/data"
            - name: structurizr-properties
              mountPath: "/data"
              subPath: "structurizr.properties"

      volumes:
        - name: diagrams-storage-volume
          persistentVolumeClaim:
            claimName: diagrams-storage-pv-claim
        - name: structurizr-properties
          configMap:
            name: properties-file
            items:
              - key: "config"
                path: "structurizr.properties"
---
apiVersion: v1
kind: Service
metadata:
  name: nexus-diagrams
  namespace: {{ .Values.namespace}}
  labels:
    run: nexus-diagrams
spec:
  ports:
    - port: 8080
      protocol: TCP
      name: http
  selector:
    run: nexus-diagrams
---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: nexus-diagrams-ingress
  namespace: {{ .Values.namespace}}
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares: {{ .Values.namespace }}-whitelist@kubernetescrd
spec:
  rules:
    - host: {{ .Values.dnsName }}
      http:
        paths:
          - backend:
              service:
                name: nexus-diagrams
                port:
                  name: http
            path: /
            pathType: Prefix
  tls:
    - hosts:
        - {{ .Values.dnsName }}
      secretName: tls-nexus-diagrams-ingress
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: tls-nexus-diagrams-ingress
  namespace: {{ .Values.namespace}}
spec:
  secretName: tls-nexus-diagrams-ingress
  dnsNames:
    - {{ .Values.dnsName }}
  issuerRef:
    name: letsencrypt-production
    kind: ClusterIssuer
    group: cert-manager.io
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: whitelist
  namespace: {{ .Values.namespace}}
spec:
  ipWhiteList:
    sourceRange:
      {{- range .Values.vpnOfficeIps }}
      - {{.}}{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: properties-file
data:
  config: |
    structurizr.url={{.Values.dnsName}}
    structurizr.session=local
    structurizr.data=file
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: diagrams-storage-pv-claim
spec:
  accessModes:
  - ReadWriteOnce
  storageClassName: csi-cinder-sc-retain
  resources:
    requests:
      storage: 1Gi

Screenshot

No response

Code sample

No response

Configuration

Using image: structurizr/onpremises:3130

Severity

Major

Priority

Low

Resolution

I have no budget, please fix this for free

More information

No response

Kubernetes config

I'm trying to deploy structurizr to a kubernetes cluster and trying to write a config map that uses env vars loaded from Secrets. This is to protect the passwords for Elastic Search and Redis.

The apache commons configuration should support env vars interpolated in the structurizr.properties file but it's not working, for example:

structurizr.url=${env:URL}

Can you suggest a workaround?

NullPointerException thrown when trying to pull or push workspace with docs

From build 3002 and onwards, pulling or pushing an update on existing workspace that includes docs, throws a null pointer.

Steps to reproduce:

  1. clone https://github.com/dimitrisfasoulas/structurizr-example
  2. start structurizr version 3002: docker run -it --rm -p 8080:8080 structurizr/onpremises:3002
  3. log in to structurizr, create a workspace and copy cli parameters from settings
  4. use structurizr cli to push workspace.dsl:
structurizr.sh push -url http://localhost:8080/api -id 1 -key 94435ac8-50d3-466e-b6f5-8395df84c02e -secret 1a0c7e22-07da-4340-ad8b-0eed3baae4ce  -workspace workspace.dsl
Pushing workspace 1 to http://localhost:8080/api
 - creating new workspace
 - parsing model and views from /home/gatos/git/structurizr-example/workspace.dsl
 - merge layout from remote: true
 - no views defined; creating default views
 - storing previous version of workspace in null
 - pushing workspace
Getting workspace with ID 1
SoftwareSystem://Service is missing a description.
Putting workspace with ID 1
{"success":true,"message":"OK","revision":2}
 - finished
  5. try to push again with the same command:
structurizr.sh push -url http://localhost:8080/api -id 1 -key 94435ac8-50d3-466e-b6f5-8395df84c02e -secret 1a0c7e22-07da-4340-ad8b-0eed3baae4ce  -workspace workspace.dsl
Pushing workspace 1 to http://localhost:8080/api
 - creating new workspace
 - parsing model and views from /home/gatos/git/structurizr-example/workspace.dsl
 - merge layout from remote: true
 - no views defined; creating default views
 - storing previous version of workspace in null
 - pushing workspace
Getting workspace with ID 1
com.fasterxml.jackson.databind.JsonMappingException: (was java.lang.NullPointerException) (through reference chain: com.structurizr.Workspace["documentation"]->com.structurizr.documentation.Documentation["sections"]->java.util.HashSet[0])
        at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:402)
        at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:373)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:375)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:244)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:28)
        at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
        at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
        at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
        at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4730)
        at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3690)
        at com.structurizr.io.json.JsonReader.read(JsonReader.java:39)
        at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:332)
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:373)
        at com.structurizr.cli.PushCommand.run(PushCommand.java:137)
        at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:77)
        at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:112)
Caused by: java.lang.NullPointerException
        at com.structurizr.documentation.Section.hashCode(Section.java:67)
        at java.base/java.util.HashMap.hash(HashMap.java:340)
        at java.base/java.util.HashMap.put(HashMap.java:608)
        at java.base/java.util.HashSet.add(HashSet.java:220)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:363)
        ... 17 more
com.structurizr.io.WorkspaceReaderException: Could not read JSON
com.structurizr.api.StructurizrClientException: com.structurizr.io.WorkspaceReaderException: Could not read JSON
com.structurizr.api.StructurizrClientException: com.structurizr.api.StructurizrClientException: com.structurizr.io.WorkspaceReaderException: Could not read JSON
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:420)
        at com.structurizr.cli.PushCommand.run(PushCommand.java:137)
        at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:77)
        at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:112)
Caused by: com.structurizr.api.StructurizrClientException: com.structurizr.io.WorkspaceReaderException: Could not read JSON
        at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:353)
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:373)
        ... 3 more
Caused by: com.structurizr.io.WorkspaceReaderException: Could not read JSON
        at com.structurizr.io.json.JsonReader.read(JsonReader.java:50)
        at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:332)
        ... 4 more
Caused by: com.fasterxml.jackson.databind.JsonMappingException: (was java.lang.NullPointerException) (through reference chain: com.structurizr.Workspace["documentation"]->com.structurizr.documentation.Documentation["sections"]->java.util.HashSet[0])
        at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:402)
        at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:373)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:375)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:244)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:28)
        at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
        at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
        at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
        at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4730)
        at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3690)
        at com.structurizr.io.json.JsonReader.read(JsonReader.java:39)
        ... 5 more
Caused by: java.lang.NullPointerException
        at com.structurizr.documentation.Section.hashCode(Section.java:67)
        at java.base/java.util.HashMap.hash(HashMap.java:340)
        at java.base/java.util.HashMap.put(HashMap.java:608)
        at java.base/java.util.HashSet.add(HashSet.java:220)
        at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:363)
        ... 17 more

The same steps work without problem on version 3001.

"Publish all diagrams" button not working

Starting with tag #2951 of the on-premises Docker image, the "Publish all diagrams" button doesn't work. The following error is shown in the console of the debugging tools when the button is clicked:

Uncaught TypeError: structurizr.diagram.exportDiagramsToPNG is not a function
    at publishAllViews (diagram-editor:1562:37)
    at HTMLButtonElement.onclick (diagram-editor:1219:129)

I've verified that the button still works on the #2950 tag of the Docker image. Something in between these versions broke the functionality.

Allow named versions

It would be nice to have a way to assign labels to versions so we can reference the architecture of a specific system at a specific version.

SSO :: 500 Error after initial authentication

Description:
SSO SAML integration (AzureAD) stops working a few minutes after the initial authentication.

How to reproduce:

  • Login to AzureAD
  • Open Structurizr and click "Sign in"
  • Reopen browser
  • Open Structurizr and click "Sign in"
  • 500 Error

Details:
APP: Structurizr on-premises installation
SSO: AzureAD with SAML
ERROR: 500 Error Sorry, something went wrong.

Logs:
attached below

[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] FilterChainProxy - Securing POST /saml/SSO
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] SecurityContextPersistenceFilter - Set SecurityContextHolder to empty SecurityContext
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] FilterChainProxy - Securing POST /saml/SSO
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] SAMLProcessingFilter - Attempting SAML2 authentication using profile urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] ChainingMetadataProvider - Checking child metadata provider for entity descriptor with entity ID: structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Searching for entity descriptor with an entity ID of structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Metadata document did not contain a descriptor for entity structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Metadata document did not contain any role descriptors of type {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor for entity structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Metadata document does not contain a role of type {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor supporting protocol urn:oasis:names:tc:SAML:2.0:protocol for entity structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] ChainingMetadataProvider - Checking child metadata provider for entity descriptor with entity ID: structurizr-prod
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] AbstractMetadataProvider - Searching for entity descriptor with an entity ID of structurizr-prod
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Building credential from keystore entry for entityID structurizr, usage type UNSPECIFIED
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Processing PrivateKeyEntry from keystore
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.xml.security.credential.criteria.EvaluableEntityIDCredentialCriteria for criteria class org.opensaml.xml.security.criteria.EntityIDCriteria
[DEBUG] 2022-11-14 12:57:52.186 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Building credential from keystore entry for entityID structurizr, usage type UNSPECIFIED
[DEBUG] 2022-11-14 12:57:52.186 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Processing PrivateKeyEntry from keystore
[DEBUG] 2022-11-14 12:57:52.186 [http-nio-8080-exec-1] EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.xml.security.credential.criteria.EvaluableEntityIDCredentialCriteria for criteria class org.opensaml.xml.security.criteria.EntityIDCriteria
[DEBUG] 2022-11-14 12:57:52.187 [http-nio-8080-exec-1] StaticBasicParserPool - Setting DocumentBuilderFactory attribute 'http://javax.xml.XMLConstants/feature/secure-processing'
[DEBUG] 2022-11-14 12:57:52.187 [http-nio-8080-exec-1] StaticBasicParserPool - Setting DocumentBuilderFactory attribute 'http://apache.org/xml/features/dom/defer-node-expansion'
[DEBUG] 2022-11-14 12:57:52.187 [http-nio-8080-exec-1] StaticBasicParserPool - Setting DocumentBuilderFactory attribute 'http://apache.org/xml/features/disallow-doctype-decl'
[DEBUG] 2022-11-14 12:57:52.188 [http-nio-8080-exec-1] SAMLProcessorImpl - Retrieving message using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
[DEBUG] 2022-11-14 12:57:52.189 [http-nio-8080-exec-1] BaseMessageDecoder - Beginning to decode message from inbound transport of type: org.opensaml.ws.transport.http.HttpServletRequestAdapter
[DEBUG] 2022-11-14 12:57:52.189 [http-nio-8080-exec-1] HTTPPostDecoder - Decoded SAML relay state of: null
[DEBUG] 2022-11-14 12:57:52.189 [http-nio-8080-exec-1] HTTPPostDecoder - Getting Base64 encoded message from request
[DEBUG] 2022-11-14 12:57:52.190 [http-nio-8080-exec-1] BaseMessageDecoder - Parsing message stream into DOM document
[DEBUG] 2022-11-14 12:57:52.190 [http-nio-8080-exec-1] BaseMessageDecoder - Unmarshalling message DOM
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Constructing Apache XMLSignature object
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("Signature", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("SignedInfo", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("SignatureMethod", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureAlgorithm - Create URI "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" class "class org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256"
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] JCEMapper - Request for URI http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureBaseRSA - Created SignatureRSA using SHA256withRSA
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("KeyInfo", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Adding KeyInfo to Signature
[DEBUG] 2022-11-14 12:57:52.194 [http-nio-8080-exec-1] BaseMessageDecoder - Message succesfully unmarshalled
[DEBUG] 2022-11-14 12:57:52.194 [http-nio-8080-exec-1] HTTPPostDecoder - Decoded SAML message
[DEBUG] 2022-11-14 12:57:52.194 [http-nio-8080-exec-1] BaseSAML2MessageDecoder - Extracting ID, issuer and issue instant from status response
[DEBUG] 2022-11-14 12:57:52.195 [http-nio-8080-exec-1] PROTOCOL_MESSAGE - 
<?xml version="1.0" encoding="UTF-8"?><samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://structurizr.slsystem.cloud/saml/SSO" ID="_6c861f5c-4615-4f4f-aaa7-981439a238e3" InResponseTo="a46j86d85736eh939d3g4e86aage13" IssueInstant="2022-11-14T11:57:05.652Z" Version="2.0">
   <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/</Issuer>
   <samlp:Status>
      <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
   </samlp:Status>
   <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_787d7cee-84fa-4f5d-95b7-903eb1cf0d00" IssueInstant="2022-11-14T11:57:05.652Z" Version="2.0">
      <Issuer>https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/</Issuer>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
         <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <Reference URI="#_787d7cee-84fa-4f5d-95b7-903eb1cf0d00">
               <Transforms>
                  <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                  <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
               </Transforms>
               <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
               <DigestValue>sBznpOgfu/uw97TXmk3lcqaHIamD3XC1fb/r25yqMYU=</DigestValue>
            </Reference>
         </SignedInfo>
         <SignatureValue>O+nKDhZn++uKA==</SignatureValue>
         <KeyInfo>
            <X509Data>
               <X509Certificate>MIIC8DPHC</X509Certificate>
            </X509Data>
         </KeyInfo>
      </Signature>
      <Subject>
         <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">[email protected]</NameID>
         <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
            <SubjectConfirmationData InResponseTo="a46j86d85736eh939d3g4e86aage13" NotOnOrAfter="2022-11-14T12:57:05.543Z" Recipient="https://structurizr.slsystem.cloud/saml/SSO"/>
         </SubjectConfirmation>
      </Subject>
      <Conditions NotBefore="2022-11-14T11:52:05.543Z" NotOnOrAfter="2022-11-14T12:57:05.543Z">
         <AudienceRestriction>
            <Audience>structurizr-prod</Audience>
         </AudienceRestriction>
      </Conditions>
      <AttributeStatement>
         <Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid">
            <AttributeValue>31f1b789-90e3-442a-acd2-d6ae8c8bda31</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier">
            <AttributeValue>00f2e6c0-4ab6-4088-ada8-256ece971e66</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.microsoft.com/identity/claims/displayname">
            <AttributeValue>Konstantin Polyakov (extern)</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider">
            <AttributeValue>https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences">
            <AttributeValue>http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
            <AttributeValue>Konstantin</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
            <AttributeValue>Polyakov</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
            <AttributeValue>[email protected]</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
            <AttributeValue>[email protected]</AttributeValue>
         </Attribute>
         <Attribute Name="http://schemas.xmlsoap.org/claims/Group">
            <AttributeValue>guest</AttributeValue>
         </Attribute>
      </AttributeStatement>
      <AuthnStatement AuthnInstant="2022-11-12T23:44:42.828Z" SessionIndex="_787d7cee-84fa-4f5d-95b7-903eb1cf0d00">
         <AuthnContext>
            <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef>
         </AuthnContext>
      </AuthnStatement>
   </Assertion>
</samlp:Response>
[DEBUG] 2022-11-14 12:57:52.195 [http-nio-8080-exec-1] BaseMessageDecoder - Evaluating security policy of type 'org.opensaml.ws.security.provider.BasicSecurityPolicy' for decoded message
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLSimpleSignatureSecurityPolicyRule - Evaluating simple signature rule of type: org.opensaml.saml2.binding.security.SAML2HTTPPostSimpleSignRule
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLSimpleSignatureSecurityPolicyRule - HTTP request was not signed via simple signature mechanism, skipping
[INFO ] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] SAMLProtocolMessageXMLSignatureSecurityPolicyRule - SAML protocol message was not signed, skipping XML signature processing
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseMessageDecoder - Successfully decoded message.
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - Checking SAML message intended destination endpoint against receiver endpoint
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - Intended message destination endpoint: https://structurizr.slsystem.cloud/saml/SSO
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - Actual message receiver endpoint: https://structurizr.slsystem.cloud/saml/SSO
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - SAML message intended destination endpoint matched recipient endpoint
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] SAMLUtil - Found endpoint org.opensaml.saml2.metadata.impl.AssertionConsumerServiceImpl@36113b57 for request URL https://structurizr.slsystem.cloud/saml/SSO based on location attribute in metadata
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] HttpSessionStorage - Message a46j86d85736eh939d3g4e86aage13 not found in session 26EEC63FA2C71FC291414D44B958E0BD
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] SAMLAuthenticationProvider - Error validating SAML message
org.opensaml.common.SAMLException: InResponseToField of the Response doesn't correspond to sent message a46j86d85736eh939d3g4e86aage13
	at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:139) ~[spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
	at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:87) [spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) [spring-security-core-5.6.2.jar:5.6.2]
	at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:87) [spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:223) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87) [spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) [spring-security-web-5.6.2.jar:5.6.2]
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) [spring-web-5.3.23.jar:5.3.23]
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) [spring-web-5.3.23.jar:5.3.23]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
	at com.structurizr.onpremises.web.NoOpSpringSessionRepositoryFilter.doFilter(NoOpSpringSessionRepositoryFilter.java:14) [structurizr-onpremises.jar:?]
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) [spring-web-5.3.23.jar:5.3.23]
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) [spring-web-5.3.23.jar:5.3.23]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) [spring-web-5.3.23.jar:5.3.23]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
	at org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:156) [spring-web-5.3.23.jar:5.3.23]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) [catalina.jar:9.0.68]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) [catalina.jar:9.0.68]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) [catalina.jar:9.0.68]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) [catalina.jar:9.0.68]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [catalina.jar:9.0.68]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) [catalina.jar:9.0.68]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360) [catalina.jar:9.0.68]
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) [tomcat-coyote.jar:9.0.68]
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-coyote.jar:9.0.68]
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) [tomcat-coyote.jar:9.0.68]
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1789) [tomcat-coyote.jar:9.0.68]
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:9.0.68]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-util.jar:9.0.68]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-util.jar:9.0.68]
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:9.0.68]
	at java.lang.Thread.run(Thread.java:829) [?:?]
[INFO ] 2022-11-14 12:57:52.197 [http-nio-8080-exec-1] SAMLDefaultLogger - AuthNResponse;FAILURE;95.223.73.245;structurizr-prod;https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/;;;org.opensaml.common.SAMLException: InResponseToField of the Response doesn't correspond to sent message a46j86d85736eh939d3g4e86aage13
	at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:139)
	at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:87)
	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182)
	at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:87)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:223)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at com.structurizr.onpremises.web.NoOpSpringSessionRepositoryFilter.doFilter(NoOpSpringSessionRepositoryFilter.java:14)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:156)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1789)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:829)
[DEBUG] 2022-11-14 12:57:52.198 [http-nio-8080-exec-1] SimpleUrlAuthenticationFailureHandler - Forwarding to /500
[DEBUG] 2022-11-14 12:57:52.198 [http-nio-8080-exec-1] DispatcherServlet - "FORWARD" dispatch for POST "/500", parameters={masked}
[DEBUG] 2022-11-14 12:57:52.198 [http-nio-8080-exec-1] RequestMappingHandlerMapping - Mapped to com.structurizr.onpremises.web.error.Http500Controller#showErrorPage(ModelMap)
[ERROR] 2022-11-14 12:57:52.199 [http-nio-8080-exec-1] Http500Controller - null
```

Unable to push workspace.dsl - 413 Payload too large

Description

I successfully uploaded workspaces up to the time when we hit 413 payload too large:

```
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:420)
at com.structurizr.cli.PushCommand.run(PushCommand.java:137)
at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:81)
at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:119)
Caused by: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
at [Source: (String)"

<title>413 Payload Too Large</title>

413 Payload Too Large

"; line: 1, column: 2]
at com.fasterxml.jackson.core.JsonParser._constructError(JsonParser.java:2418)
at com.fasterxml.jackson.core.base.ParserMinimalBase._reportError(ParserMinimalBase.java:749)
at com.fasterxml.jackson.core.base.ParserMinimalBase._reportUnexpectedChar(ParserMinimalBase.java:673)
at com.fasterxml.jackson.core.json.ReaderBasedJsonParser._handleOddValue(ReaderBasedJsonParser.java:2082)
at com.fasterxml.jackson.core.json.ReaderBasedJsonParser.nextToken(ReaderBasedJsonParser.java:805)
at com.fasterxml.jackson.databind.ObjectMapper._initForReading(ObjectMapper.java:4817)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4723)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3677)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3645)
at com.structurizr.api.ApiResponse.parse(ApiResponse.java:46)
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:414)
... 3 more

Task :structurizrCliPush FAILED
```

I'm going on vacation, so I didn't have an opportunity to debug it. Anyway, it would be good to have any hints on how to overcome this once I'm back.

Steps to reproduce

Quite big workspace with something around 100-150 containers, deployments, etc.
BTW, it's still rendered on Structurizr Lite.

Severity

Critical

Priority

Medium

Resolution

I have no budget, please fix this for free

More information

For now I will not have time to fix it, but I would be forced to if there is no solution.

UTF-8 content in workspace.properties corrupted when using AWS S3 for data storage

Discussed in #32

Originally posted by cavies March 16, 2023
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1071)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:964)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:670)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
[WARN ] 2023-03-16 07:05:03.572 [http-nio-8080-exec-3] S3AbortableInputStream - Not all bytes were read from the S3ObjectInputStream, aborting HTTP connection. This is likely an error and may result in sub-optimal behavior. Request only the bytes you need via a ranged GET or drain the input stream after use.
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)

Create json from dsl

Question

Hi Simon,

Short question:
I followed the instructions here https://structurizr.com/help/web-api to upload a workspace definition. I plan to do it from a CI/CD chain, where I only have access to the workspace.dsl -> no JSON. After the update there are no diagrams in the UI; I need to go to the editor, click save and then it works.
Is there a way to generate the json after the upload?

Thanks!

SAML SSO error after hours of usage

We're using Structurizr on-premises with SAML SSO authentication using Azure AD. After hours of usage, when a user returns to Structurizr and tries to sign back in, they are redirected to `/saml/SSO` and see the message `Error, Sorry, something went wrong.`. No matter what we try to do, the user won't be able to sign back in with that browser. We've tried clearing all application data, restarting the browser or restarting the Structurizr container.

What works is opening an in-private window and signing back in. Most of the time the next day it suddenly works again.

I've checked the logs on disk and the only logs I find are these:

[ERROR] 2023-03-15 14:55:23.725 [http-nio-8080-exec-7] Http500Controller - null
[ERROR] 2023-03-15 14:55:31.897 [http-nio-8080-exec-8] Http500Controller - null
[ERROR] 2023-03-15 14:55:52.211 [http-nio-8080-exec-6] Http500Controller - null

Checking the network activity when clicking on the sign-in button, I see a successful request is made to https://login.microsoftonline.com//saml2.

Any help to further investigate this issue is welcome. It's not blocking since we can still use Structurizr in an in-private window and the next day it will resolve itself. Is there a way to turn on more verbose logging? Are sessions stored on disk and is there a way I can clear them?

Option to disable anonymous access to workspaces

Description

I'm looking to get the on-premises instance up and running in my company, but it will be exposed publicly on the internet.
I'm wary of people accidentally exposing workspaces by default because they don't realise they need to limit access manually.

I'd love a config property that prevents access until a user is logged in. Ideally right as the page is initially loaded redirect to login if the user is not authenticated.

Priority

Medium

Resolution

I'm willing to add this feature myself and raise a PR

More information

I'd be willing to dig in and try to get this working myself, but I'm not very familiar with Spring and Spring Security.
If some guidance can be provided I'll try to pick it up; otherwise, if someone else is happy to do it, that would be great too.

Creating a Review with multiple Diagrams will fail because the size of the POST request exceeds the default Tomcat maxPostSize

Description

Creating a Review with multiple Diagrams will fail because the size of the POST request exceeds the default Tomcat maxPostSize. Therefore, when building a Docker image, it is necessary to modify the value of maxPostSize in tomcat/conf/server.xml. It is recommended to set it to 100M.

Steps to reproduce

Use Big Bank plc as example

  1. Open Diagrams

  2. Click Create review button

  3. Select 5 Views

  4. Click Create

  5. The page was redirected to /user/review/create, which should have been redirected to the /review/{token}

Severity

Minor
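The `maxPostSize` change requested in the report above, sketched as a script that could run while building the image. This is an added example, not code from the issue or from the Structurizr project: the function names, the connector port 8080 and the sample `server.xml` are assumptions, and it expects the `port` attribute on the same line as `<Connector`, as in the stock Tomcat file. It rejects negative values because Tomcat treats those as "no limit", which removes the request-size guard altogether.

```shell
#!/bin/sh
# Added example: set maxPostSize on one Tomcat <Connector> in server.xml.
# Tomcat applies a default of 2097152 bytes (2 MB) when the attribute is absent.

# Constructed sample input, shaped like a stock Tomcat server.xml.
write_sample_server_xml() {
    cat > "$1" <<'EOF'
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    <Connector protocol="AJP/1.3" port="8009" redirectPort="8443" />
  </Service>
</Server>
EOF
}

# get_max_post_size FILE PORT
# Prints the configured value for that connector, or "unset" if absent.
get_max_post_size() {
    awk -v port="$2" '
        !inside && /<Connector[ \t]/ && $0 ~ ("[ \t]port=\"" port "\"") { inside = 1 }
        inside {
            if (match($0, /maxPostSize="[^"]*"/)) {
                # skip the 13 characters of maxPostSize=" and the closing quote
                value = substr($0, RSTART + 13, RLENGTH - 14)
            }
            if ($0 ~ />/) inside = 0      # the element ends at the first ">"
        }
        END { print (value == "" ? "unset" : value) }
    ' "$1"
}

# set_max_post_size FILE PORT BYTES
# Idempotent: drops any old maxPostSize on the target connector, then adds the
# new one right after its port attribute. Other connectors are left untouched.
set_max_post_size() {
    mps_conf=$1; mps_port=$2; mps_bytes=$3
    # Digits only: a negative value would disable the limit entirely.
    case "$mps_port$mps_bytes" in
        ''|*[!0-9]*) echo "port and size must be non-negative integers" >&2; return 2 ;;
    esac
    mps_tmp=$(mktemp) || return 1
    if awk -v port="$mps_port" -v bytes="$mps_bytes" '
        !inside && /<Connector[ \t]/ && $0 ~ ("[ \t]port=\"" port "\"") {
            inside = 1; opening = 1
        }
        inside {
            gsub(/[ \t]*maxPostSize="[^"]*"/, "")
            if (opening) {
                sub("[ \t]port=\"" port "\"", "& maxPostSize=\"" bytes "\"")
                opening = 0; changed = 1
            }
            if ($0 ~ />/) inside = 0
        }
        { print }
        END { exit (changed ? 0 : 3) }
    ' "$mps_conf" > "$mps_tmp"; then
        # cat instead of mv keeps the owner and mode of the original file
        cat "$mps_tmp" > "$mps_conf"; mps_rc=0
    else
        echo "no <Connector> with port $mps_port in $mps_conf" >&2; mps_rc=1
    fi
    rm -f "$mps_tmp"
    return $mps_rc
}

# Demo on the constructed sample: 100 MB = 104857600 bytes.
demo_conf=$(mktemp)
write_sample_server_xml "$demo_conf"
set_max_post_size "$demo_conf" 8080 104857600 && get_max_post_size "$demo_conf" 8080
rm -f "$demo_conf"
```

If a reverse proxy sits in front of Tomcat, its own request-body limit applies first and has to be raised separately.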

Problem loading diagrams when using build 2983

I'm running the on-prem version at work.
Everything was working fine until I updated from 2941 to 2983.

The diagrams won't load anymore. I have tried a minimal example, and from what I can find, the problem is visible when using "theme default" inside of the view block.

The following workspace is working as expected:

workspace Test {
    model {
        user = person "User"
        softwareSystem = softwareSystem "Software System"

        user -> softwareSystem "Uses"
    }

    views {
        systemContext softwareSystem "SystemContext" {
            include *
            autoLayout lr
        }
    }

}

But adding theme default, as in the workspace below, is not drawing diagrams.

workspace Test {
    model {
        user = person "User"
        softwareSystem = softwareSystem "Software System"

        user -> softwareSystem "Uses"
    }

    views {
        theme default
        systemContext softwareSystem "SystemContext" {
            include *
            autoLayout lr
        }
    }

}

Make application read properties also from environment variables

Description

Properties file is required to have e.g. DSL editor enabled. It would be great if the application could check first if a properties file is present, and if not present check if properties have been provided through the environment. This would help with running it on a fresh Kubernetes using persistent volumes.

Priority

Medium

Resolution

I have no budget, please add this feature for free

HTTP 500 error at startup

Hi,

We're using the version 2876, deployed using Tomcat.

The application stops immediately after the startup with:

05-Dec-2022 16:09:55.928 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [6264] milliseconds
[ERROR] 2022-12-05 16:09:57.968 [http-nio-8080-exec-1] Http500Controller - null

It used to work very well a couple of days ago, until we had an out-of-disk-space issue. We restarted the app after the disk size was increased and this problem started to appear, making the app not available at all.

Is there a way to get more information in the logs about the root cause of this error?

Thanks,
Damien

Issue with cookie domain name using SAML login and custom domain.

Hi - I'm having a bit of trouble setting up Structurizr On-Prem behind a custom domain using an Azure Front Door reverse proxy. Structurizr itself is hosted on an appservice like

https://mystructurizrinstance.azurewebsites.net/

But the site is accessed via the Front Door at

https://structurizr.mydomain.com/

I've set the properties as so:

structurizr.authentication=saml
structurizr.url=https://structurizr.mydomain.com
structurizr.replyurl=https://structurizr.mydomain.com/saml/SSO
structurizr.saml.entityId=structurizr

And the site works, images load etc. But when I try to log in, the cookie is blocked because the domain name is still set to the azurewebsites.net rather than mydomain.com.

Therefore I just get

image

With dev tools showing:

image

I'm not sure how I can configure the domain of the SAML cookie, should it not come from the domain of the structurizr.url? Any help would be much appreciated!

405 Method Not Allowed when redirected from authentication

Question

We have SAML authentication set up with an Azure AD. It works great about half of the time. The other half we get 405 Method Not Allowed when redirected from authentication, back to {structurizr.url}/saml/SSO. It starts working again after some time, some reloading or starting an incognito browser session. I'm not at all ruling out that the problem is in the AD, but would just like to see if someone here recognizes the problem.

Error using CLI to push to on-premises installation

On-Premise Environment

  • Customer Docker Image with preset structurizr.properties settings
  • Using AWS S3 as Data Store
  • Build 2868

cli:

  • Structurizr CLI v1.20.1
  • Structurizr DSL v1.20.0

Command

structurizr push 

Output

Pushing workspace 2 to REDACTED
 - creating new workspace
 - parsing model and views from REDACTED
 - merge layout from remote: true
 - storing previous version of workspace in null
 - pushing workspace
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Nov 22, 2022 2:32:16 PM com.structurizr.api.StructurizrClient getWorkspace
INFO: Getting workspace with ID 2
Nov 22, 2022 2:32:16 PM com.structurizr.api.StructurizrClient getWorkspace
SEVERE: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
 at [Source: (String)""; line: 1, column: 0]
Nov 22, 2022 2:32:16 PM com.structurizr.api.StructurizrClient putWorkspace
SEVERE: com.structurizr.api.StructurizrClientException: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
 at [Source: (String)""; line: 1, column: 0]
com.structurizr.api.StructurizrClientException: com.structurizr.api.StructurizrClientException: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
 at [Source: (String)""; line: 1, column: 0]
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:420)
        at com.structurizr.cli.PushCommand.run(PushCommand.java:133)
        at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:29)
        at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:82)
Caused by: com.structurizr.api.StructurizrClientException: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
 at [Source: (String)""; line: 1, column: 0]
        at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:353)
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:373)
        ... 3 more
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
 at [Source: (String)""; line: 1, column: 0]
        at com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
        at com.fasterxml.jackson.databind.ObjectMapper._initForReading(ObjectMapper.java:4765)
        at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4667)
        at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3629)
        at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3597)
        at com.structurizr.api.ApiResponse.parse(ApiResponse.java:46)
        at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:347)
        ... 4 more

API timeout when putting workspace

Description

When using the CLI to push a workspace to the structurizr/onpremises:3142 API, the request times out and the CLI logs "java.net.SocketTimeoutException: Read timed out". Even though this error is logged, the UI is updated with the new workspace, and seems to be working fine from that perspective.

Steps to reproduce

  1. Run structurizr/onpremises:3142 exposed as https://myapp
  2. docker run --rm -v myfolder:/usr/local/structurizr structurizr/cli push -url https://myapp/api -id 1 -key mykey -secret mysecret -workspace workspace.json -merge false -archive false

Expected result:

  • The workspace is updated in the UI
  • No error from CLI

Actual result:

  • The workspace is updated in the UI
  • Error from CLI: java.net.SocketTimeoutException: Read timed out

Severity

Minor

Priority

Low

Resolution

I have no budget and there's no rush, please fix this for free

Helm based installation for the k8s

Description

Dear authors,

while exploring structurizr I created helm (based on initial effort found in https://github.com/virtualroot/charts/commits/main/charts/structurizr). My changes have been to add PVC support, custom mounts, and the ability to override the property file.

I would be glad to contribute all my changes to the upstream, to have a straightforward way to install structurizr in Kubernetes. My version of the helm is available at https://github.com/samm-git/structurizr-chart, please let me know if you are willing to accept it, I can do a PR, or you can import it to the new repo.

Thank you

Priority

Low

Resolution

I'm willing to add this feature myself and raise a PR

Create and Delete Workspace

Description

Hello.

I'd like to add ability to create and remove workspaces by api in structurizr.
It seems like a straight thing to do.

Are there any risks or things that I need to take under consideration?

We need this feature to automatically deploy branches with structurizr dsl to the on prem installation for review.

Cheers.

Priority

Medium

Resolution

I'm willing to add this feature myself and raise a PR

Missing /preview route

When using a Docker image later than 2950, the /preview route no longer exists.

For example, using 2951:

[WARN ] 2023-02-28 23:26:56.672 [http-nio-8080-exec-1] PageNotFound - No mapping for POST /preview
[WARN ] 2023-02-28 23:26:56.684 [http-nio-8080-exec-1] DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]

I suspected an issue with dslEditor, but even toggling that property to true results in the same output.

On-Premise Version Not Working with Newer Versions of ElasticSearch

Description

I set up Structurizr in our on-premises Kubernetes environment, and everything works well, including Redis, but it's not communicating with ElasticSearch correctly (8.7.0).

I figured out that the issue is related to the fact that ElasticSearch has deprecated the use of "mapping types" for all versions >5.6 and it is no longer supported in 8.

I think the only change required would be to update the ElasticSearchComponentImpl.java from:

private static final String DOCUMENT_TYPE = "document";

to:

private static final String DOCUMENT_TYPE = "_doc";

Steps to reproduce

Setup Structurizr in Docker or Kubernetes environment to use ElasticSearch 8.7.0.

Severity

Major

Priority

Medium

Resolution

I'm willing to fix this myself and raise a PR

Build version for Structurizr onpremises

Question

Hi, I am creating a Maven pom.xml for my Structurizr onpremises build. I want to add the correct version number for the artefacts, but I can’t see a version number in the Gradle configs. That implies, I think, that the version is set when the Gradle build is executed, but I can’t see where that is either.

Can anyone help here please?

Many thanks

Nathan

Giving a prompt on the UI when saving fails

I use version 2956.
Sometimes (many times) when I make changes (in dslEditor or in the diagram view) and then save the workspace, I find a problem in the JavaScript console. The PUT request returned a 400 status code with the following information:
{
    "success": false,
    "message": "The workspace could not be saved because a newer version has been created by XXX at XXXX."
}

However, there is no prompt on the UI, and the "SAVE workspace" button is grayed out. A few times, I didn't know that I hadn't saved successfully. After returning to the dashboard, I found that my changes didn't exist. I felt very disappointed. I wonder if you can consider giving a prompt on the UI when saving fails to avoid this situation.

In addition, I can be sure that no one is editing and uploading this workspace synchronously except me. Why does it fail to save? Why is there a new version? I looked up the open source code on your github and found that this might be caused by the separate storage of workspace metadata and workspace.dsl. I wonder if the metadata update succeeds sometimes, but the workspace.dsl itself fails? (Maybe my guess is wrong, please forgive me)

Add entry on dashboard for “Review links management”

I wonder if you can provide a management entry about Review on the Dashboard to view the list of Review links I created. Now I need to manually save the token, which may lead to forgetting. It would be best if you could provide the deletion of the review link.

AmazonWebServicesS3WorkspaceDao.GetWorkspaceMetaData occurs java.lang.OutOfMemoryError

java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1071)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:964)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:670)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
[WARN ] 2023-03-16 07:05:03.572 [http-nio-8080-exec-3] S3AbortableInputStream - Not all bytes were read from the S3ObjectInputStream, aborting HTTP connection. This is likely an error and may result in sub-optimal behavior. Request only the bytes you need via a ranged GET or drain the input stream after use.
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)

Share page returns 500 without any log

Description

I'm having a strange issue with our on-premises installation since we changed our S3 secret/key.

The initial page (http://example.com/) loads and shows all workspaces. The same applies for the diagram page (http://example.com/share/7/diagrams), but the configuration/home page for the diagram (http://example.com/share/7) returns a status code 500 with the text:

Error
Sorry, something went wrong.

I tried to debug changing the log4j2 levels to ALL, but nothing is logged:

[INFO ] 2023-09-21 20:16:51.704 [main] ContextLoaderListener - ***********************************************************************************
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener -   _____ _                   _              _          
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener -  / ____| |                 | |            (_)         
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener - | (___ | |_ _ __ _   _  ___| |_ _   _ _ __ _ _____ __ 
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener -  \___ \| __| '__| | | |/ __| __| | | | '__| |_  / '__|
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener -  ____) | |_| |  | |_| | (__| |_| |_| | |  | |/ /| |   
[INFO ] 2023-09-21 20:16:51.712 [main] ContextLoaderListener - |_____/ \__|_|   \__,_|\___|\__|\__,_|_|  |_/___|_|   
[INFO ] 2023-09-21 20:16:51.712 [main] ContextLoaderListener -                                                       
[INFO ] 2023-09-21 20:16:51.712 [main] ContextLoaderListener - Structurizr on-premises installation
[INFO ] 2023-09-21 20:16:51.715 [main] ContextLoaderListener -  - build: 3080 (2023-06-21T09:31:25Z
[INFO ] 2023-09-21 20:16:51.719 [main] ContextLoaderListener -  - structurizr-java: v1.24.1
[INFO ] 2023-09-21 20:16:51.748 [main] ContextLoaderListener -  - structurizr-dsl: v1.30.2
[INFO ] 2023-09-21 20:16:51.749 [main] ContextLoaderListener -  - structurizr-import: v1.4.1
[INFO ] 2023-09-21 20:16:51.787 [main] ContextLoaderListener - Data directory: /usr/local/structurizr (r: true; w: true; x: true)
[INFO ] 2023-09-21 20:16:51.788 [main] ContextLoaderListener - URL: (removed for privacy)
[INFO ] 2023-09-21 20:16:51.800 [main] ContextLoaderListener - Memory: used=604MB; free=419MB; total=1024MB; max=1024MB
[INFO ] 2023-09-21 20:16:51.800 [main] ContextLoaderListener - 
[INFO ] 2023-09-21 20:16:51.801 [main] ContextLoaderListener - Authentication: file
[INFO ] 2023-09-21 20:16:51.801 [main] ContextLoaderListener - Session: local
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - Data storage: aws-s3
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - Search: lucene
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - dot: true
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - DSL editor: false
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - Safe mode: true
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - ***********************************************************************************
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - MIT License
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - 
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - Copyright (c) 2023 Structurizr Limited
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - 
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - Permission is hereby granted, free of charge, to any person obtaining a copy
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - of this software and associated documentation files (the "Software"), to deal
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - in the Software without restriction, including without limitation the rights
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - copies of the Software, and to permit persons to whom the Software is
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - furnished to do so, subject to the following conditions:
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - 
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - The above copyright notice and this permission notice shall be included in all
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - copies or substantial portions of the Software.
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - 
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - SOFTWARE.
[INFO ] 2023-09-21 20:16:51.806 [main] ContextLoaderListener - ***********************************************************************************
21-Sep-2023 20:16:55.794 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps/ROOT.war] has finished in [11,286] ms
21-Sep-2023 20:16:55.797 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
21-Sep-2023 20:16:55.812 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [11470] milliseconds

My log4j2 file looks like this:

appender.console.type = Console
appender.console.name = LogToConsole
appender.console.layout.type = PatternLayout
appender.console.layout.pattern = [%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n

appender.file.type = File
appender.file.name = LogToFile
appender.file.fileName=${sys:structurizr.dataDirectory}/logs/structurizr.log
appender.file.layout.type=PatternLayout
appender.file.layout.pattern=[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n

logger.app.name = com.structurizr
logger.app.level = ALL
logger.app.additivity = false
logger.app.appenderRef.console.ref = LogToConsole
logger.app.appenderRef.file.ref = LogToFile

logger.springSecurity.name = org.springframework.security
logger.springSecurity.level = ALL
logger.springSecurity.additivity = false
logger.springSecurity.appenderRef.console.ref = LogToConsole
logger.springSecurity.appenderRef.file.ref = LogToFile

rootLogger.level = ALL
rootLogger.appenderRef.stdout.ref = LogToConsole
rootLogger.appenderRef.file.ref = LogToFile

I had this behavior in the past and could debug as something related to trying to access the s3 object history, but could not reproduce this time.

Steps to reproduce

1 - run the Structurizr on premises pointing to S3 bucket;
2 - access the home of the workspace;
3 - get the 500 error page.

Screenshot

No response

Code sample

No response

Configuration

build: 3080 (2023-06-21T09:31:25Z

Severity

Major

Priority

Low

Resolution

I'm willing to fix this myself and raise a PR

More information

No response

Problems starting structurizr/onpremises Docker Container on OSX

Hi Simon,

I'm having unexpected problems using the structurizr/onpremises Docker Container on OSX (MacBook Pro).

I'm starting the container with

docker run -it --rm -p 8080:8080 -v /Users/uwe/architecture/c4model/.structurizr_data:/usr/local/structurizr structurizr/onpremises

I get the following error message back

Cannot find /usr/local/tomcat/bin/setclasspath.sh
This file is needed to run this program

A similar behaviour for Tomcat in Docker Containers is described here and here.
Somehow it has to do with some incompatibilities between the installed Tomcat version in the Docker container and the used Docker version, which leads to a situation where a simple test in the started catalina.sh fails:

  if [ -r "$CATALINA_HOME"/bin/setclasspath.sh ]; then
    . "$CATALINA_HOME"/bin/setclasspath.sh
  else
    echo "Cannot find $CATALINA_HOME/bin/setclasspath.sh"
    echo "This file is needed to run this program"
  fi

Unfortunately my possibilities to fix this are very limited, as I have no possibility to change the content of the provided Docker Container and the used Tomcat version there.

I've already upgraded my Docker installation to the latest available version

docker --version
Docker version 20.10.20, build 9fdeb9c3de

I'm running on

uname -a
Darwin LT958.local 21.5.0 Darwin Kernel Version 21.5.0: Tue Apr 26 21:08:22 PDT 2022; root:xnu-8020.121.3~4/RELEASE_X86_64 x86_64 

Do you have any suggestions how to make structurizr/onpremises working?

Thanks a lot
Uwe

High-Availability does not appear to share state when logging in

It appears that the onpremise node is expecting some kind of state, perhaps a cookie, when logging in. Speculation: when running two pods in a round-robin load balancer, it is possible to log in to the pod that didn't originate the token.

Is there some kind of HA setting I'm missing?

I have S3 configured and working.

Method not supported when SAML auth is configured

Description

I am trying to configure Structurizr On-Premise with Azure AD SAML Authentication, but when Azure is redirecting to the application it returns 405.
I am using the latest Docker build (3038).

Steps to reproduce

Configure SAML Single Sign-on in Azure AD as described here https://structurizr.com/share/18571/documentation#saml-20

Screenshot

Azure AD
image
Structurizr configuration
image
Redirect result
image

Code sample

No response

Configuration

No response

Severity

Minor

Priority

Medium

Resolution

I have no budget, please fix this for free

More information

No response

SAML-based SSO broken in newest docker image(s)

Description

When trying to follow the directions to configure Keycloak SAML 2.0 as the authentication for Structurizr, using the pre-built docker image (3140 or later) no redirect occurs to the SSO login; instead, an exception is thrown. I had to find the exception in tomcat/logs/localhost.<date>.log file as it did not appear in log output on screen.

The thrown exception:

org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [root] in context with path [] threw exception [org.opensaml.ws.message.encoder.MessageEncodingException: Error creating output document] with root cause
    java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1412)
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1220)
        at java.base/java.lang.Class.forName0(Native Method)
        at java.base/java.lang.Class.forName(Unknown Source)
        at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
        at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
        at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
        at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
        ...
        ...
        org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Unknown Source)

Reverting to docker tag 3138 fixes the issue.

This seems maybe related to this ESAPI/esapi-java-legacy#695

Steps to reproduce

Follow the Structurizr SAML 2.0 Keycloak setup guide verbatim using structurizr/onpremises:3140 or later

Screenshot

No response

Code sample

No response

Configuration

No response

Severity

Major

Priority

High

Resolution

I have no budget and there's no rush, please fix this for free

More information

No response

3rd-party S3 providers

Description

It would be great if we could specify an alternate S3 endpoint in the configuration, in order to use 3rd-party S3-compatible providers like Scaleway's Object Storage.

They use virtual-hosted–style notation.

Example

structurizr.data=aws-s3
aws-s3.accessKeyId=XXXXXX
aws-s3.secretAccessKey=XXXXXX
aws-s3.endpoint=s3.fr-par.scw.cloud
aws-s3.region=fr-par
aws-s3.bucketName=structurizrDemo

The final endpoint is https://structurizrDemo.s3.fr-par.scw.cloud

I may be able to add this if I take time to learn Java 😅

Thanks !

Priority

Low

Resolution

I have no budget, please add this feature for free

More information

No response
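
The request above, sketched as an added example (not code from this project): how an AWS SDK for Java 1.x client can be pointed at an S3-compatible endpoint from those settings, with HTTPS enforced and virtual-hosted-style used only when the bucket name is a valid hostname label. It assumes the SDK 1.x S3 dependency (the S3ObjectInputStream named in a log on this page belongs to that SDK); `aws-s3.endpoint` is the key the request proposes, and the class, helper names and object key are hypothetical.

```java
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder.EndpointConfiguration;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import java.io.IOException;
import java.io.StringReader;
import java.util.Properties;
import java.util.regex.Pattern;

public class CustomS3EndpointExample {
    // In virtual-hosted-style the bucket name becomes a hostname label, so it must be a
    // lowercase DNS label; dots are excluded because they break wildcard TLS certificates.
    private static final Pattern DNS_LABEL = Pattern.compile("[a-z0-9][a-z0-9-]{1,61}[a-z0-9]");

    static boolean fitsVirtualHostedStyle(String bucket) {
        return DNS_LABEL.matcher(bucket).matches();
    }

    // Accepts a bare host (as in the request above) or an https:// URL; refuses plaintext HTTP.
    static String normaliseEndpoint(String endpoint) {
        String e = endpoint.trim();
        if (e.startsWith("http://")) {
            throw new IllegalArgumentException("S3 endpoint must use HTTPS: " + e);
        }
        return e.startsWith("https://") ? e : "https://" + e;
    }

    static String required(Properties p, String key) {
        String v = p.getProperty(key);
        if (v == null || v.trim().isEmpty()) throw new IllegalArgumentException("Missing " + key);
        return v.trim();
    }

    static AmazonS3 buildClient(Properties p) {
        String bucket = required(p, "aws-s3.bucketName");
        return AmazonS3ClientBuilder.standard()
                .withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(
                        required(p, "aws-s3.accessKeyId"), required(p, "aws-s3.secretAccessKey"))))
                // An explicit endpoint replaces withRegion(); the region is still used for signing.
                .withEndpointConfiguration(new EndpointConfiguration(
                        normaliseEndpoint(required(p, "aws-s3.endpoint")), required(p, "aws-s3.region")))
                // Fall back to path-style when the bucket name cannot be used as a hostname label.
                .withPathStyleAccessEnabled(!fitsVirtualHostedStyle(bucket))
                .build();
    }

    public static void main(String[] args) throws IOException {
        Properties p = new Properties();
        // Values from the request above; "aws-s3.endpoint" is the setting it proposes.
        p.load(new StringReader(String.join("\n",
                "aws-s3.accessKeyId=XXXXXX", "aws-s3.secretAccessKey=XXXXXX", "aws-s3.region=fr-par",
                "aws-s3.endpoint=s3.fr-par.scw.cloud", "aws-s3.bucketName=structurizrDemo")));
        // "7/workspace.json" is a constructed object key, used only to show the resolved URL.
        System.out.println(buildClient(p).getUrl(p.getProperty("aws-s3.bucketName"), "7/workspace.json"));
    }
}
```

Building the client and resolving the URL make no network call, so the addressing style can be checked before any credentials are used against the provider.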

Structurizr onprem showing empty workspace

Description

I've started onprem on my machine using docker pull/run. I am able to access the tool on localhost:8080. Also, I can create workspaces. The problem is that it shows that the workspace is empty, even though I added workspace.dsl into the folder. The file is from getting started:

workspace {

model {
    user = person "User" "A user of my software system."
    softwareSystem = softwareSystem "Software System" "My software system."

    user -> softwareSystem "Uses"
}

views {
    systemContext softwareSystem "SystemContext" {
        include *
        autoLayout
    }

    styles {
        element "Software System" {
            background #1168bd
            color #ffffff
        }
        element "Person" {
            shape person
            background #08427b
            color #ffffff
        }
    }
}

}

Steps to reproduce

docker pull structurizr/onpremises:latest
docker run...
access localhost:8080 using browser
create new workspace
open workspace page - workspace is empty
access the folder created in previous step
put workspace.dsl into the folder
open workspace page again - workspace is still empty

Screenshot

No response

Code sample

No response

Configuration

No response

Severity

Minor

Priority

Low

Resolution

I have no budget, please fix this for free

More information

No response

SAML 2.0 Failing

Docker image (tag: 2996) throws an unsupported method error for /saml/SSO after redirecting to IdP.

[WARN ] 2023-03-01 21:44:47.408 [http-nio-8080-exec-5] DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]

Is POST not supported? Did I configure something incorrectly?

Data cleanup/archiving

Hi,

For now we are using local storage for structurizr on premise and we are starting to get out of disk space errors.

We are uploading very often new versions of structurizr workspaces in our automated pipelines. Often even without changes. So a few questions on what are operationally our options:

  • It appears the structurizr workspace versions are all kept, even though there are no changes. Is there any way to optimize this?
  • What are the ways we can archive/delete old versions of our workspaces? Can we disable versioning or at least limit to a maximum amount of workspaces? Do we create our own cleanup process to remove?
