structurizr / onpremises Goto Github PK
View Code? Open in Web Editor NEWStructurizr on-premises installation
Home Page: https://docs.structurizr.com/onpremises
License: MIT License
Structurizr on-premises installation
Home Page: https://docs.structurizr.com/onpremises
License: MIT License
We are using saml authentication method with okta as provider.
The problem is that if we distribute links to ADRs like: https://server.structurizr.org/workspace/4/decisions/*#10.
If users click on this and are not logged in yet, after successful authentication they are redirected to: https://server.structurizr.org/workspace/4/decisions/*.
There is clearly an issue with the '#' symbol. In the network tab you can see a 303 POST call to /saml/SSO. This has as location header in the response https://server.structurizr.org/workspace/4/decisions/*. I suspect this is wrong and the #10 is lost here.
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@alexeymyasnikov) has found a potential issue, which I would be eager to share with you.
Could you add a SECURITY.md
file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.
Looking forward to hearing from you 👍
(cc @huntr-helper)
When using a config:
structurizr.url=https://domain.com
Structurizer mostly works. However, when trying to login, it's 302'ing to an http
URL.
I am putting my API gateway in front of Structurizr to repair these broken redirects, but this appears to be a bug where the onpremise software doesn't fully respect structurizr.url
.
I have a structurizr and keycloak containairs behind a reverse proxy nginx.
I want to authenticate with SAML.
When I click on "Sign In" button in structurizr web UI, I got successfully redirected to keycloak login page.
After I validate my credentials, I got successfullt redirected to https://structurizr.mydomain.fr/saml/SSO.
At this moment I got a blank page and I'm stuck on https://structurizr.mydomain.fr/saml/SSO, but I shloud be redirected on dashboard as an authenticated user.
I have a 405 error in my console
And I have this error in structurizr logs : structurizr-structurizr-1 | [WARN ] 2023-08-26 11:32:24.532 [http-nio-8080-exec-3] DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]
No response
No response
No response
Minor
Low
I have no budget, please fix this for free
No response
The workspace folder is deleted when the workspace is deleted, resulting in the workspace ID potentially being recycled. It would be nice to have an option to have workspaces archived rather than deleted to prevent this behaviour.
High
I'm willing to add this feature myself and raise a PR
No response
I've created a workspace which includes diagram and markdown documentation. I've tested locally with Stricturizr Lite and the diagrams as well as teh documentation are all properly rendered.
Now I want to distribute my work by using the shared link option of the On-prem edition. I have imported my local workspace json and when I click on the documentation link, everything seems to be properly rendered however some of the embedded diagram are just rendered as blank.
by looking at the logs of Tomcat I can see the following error:
org.xml.sax.SAXParseException; Premature end of file. at org.apache.xerces.parsers.DOMParser.parse(Unknown Source) at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source) at java.xml/javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:122) at com.structurizr.graphviz.SVGReader.parseAndApplyLayout(SVGReader.java:47) at com.structurizr.graphviz.GraphvizAutomaticLayout.apply(GraphvizAutomaticLayout.java:129) at com.structurizr.onpremises.web.graphviz.GraphvizController.post(GraphvizController.java:75) at jdk.internal.reflect.GeneratedMethodAccessor245.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150) ......
And what is surprising is that it is not always the same diagrams that are rendered as blanks. when refrershing the page (F5 under firefox) the diagram pereviously rendered as blank are correctly rendered and at least another one is rendered as blank.
Unzip the file below and open the workspace in Structurizr lite
ws01.zip
You can check that the diagrams and the embedded diagram in documentation are correctly rendered
Import the workspace json fil einto the On-prem edition
The diagram are properly rendered
The embeded diagram are not all properly rendered (some are blank)
Note that the embedded diagram are all properly rendered when importing the workspace in structurizr cloud
No response
structurizr lite: 3047
structurizr on-prem: 3052
java: open JDK 17
tomcat: V9
OS: Linux and Windows
Minor
Medium
I have no budget, please fix this for free
I will also do my best to have a look at the code to see why it is failling and if I can fix it ;-)
I recently upgraded to the latest docker image (3054) of Structurizr on-prem.
However, when I try to change the lay-out of my diagrams, I can't use the diagram editor (https://www.structurizr.com/help/diagram-editor) anymore.
When looking into the docker logs I can see that there is a javax.net.ssl.SSLHandshakeException thrown when trying to load the diagram editor.
My PC is running from behind a proxy (ZScaler) however, editing the diagram layout was working in the previous version
No response
No response
No response
Major
Medium
I have no budget, please fix this for free
2023-05-02 11:42:12 javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-05-02 11:42:12 at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2023-05-02 11:42:12 at org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.executeHandshake(SSLConnectionSocketFactory.java:303)
2023-05-02 11:42:12 at org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275)
2023-05-02 11:42:12 at org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:251)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:181)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:447)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.InternalExecRuntime.connectEndpoint(InternalExecRuntime.java:162)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.InternalExecRuntime.connectEndpoint(InternalExecRuntime.java:172)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ConnectExec.execute(ConnectExec.java:142)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(ProtocolExec.java:192)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.HttpRequestRetryExec.execute(HttpRequestRetryExec.java:96)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ContentCompressionExec.execute(ContentCompressionExec.java:152)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.RedirectExec.execute(RedirectExec.java:115)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.InternalHttpClient.doExecute(InternalHttpClient.java:170)
2023-05-02 11:42:12 at org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:123)
2023-05-02 11:42:12 at com.structurizr.view.ThemeUtils.loadThemes(ThemeUtils.java:74)
2023-05-02 11:42:12 at com.structurizr.onpremises.web.graphviz.GraphvizController.post(GraphvizController.java:32)
2023-05-02 11:42:12 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2023-05-02 11:42:12 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2023-05-02 11:42:12 at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2023-05-02 11:42:12 at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2023-05-02 11:42:12 at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
2023-05-02 11:42:12 at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
2023-05-02 11:42:12 at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
2023-05-02 11:42:12 at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1071)
2023-05-02 11:42:12 at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:964)
2023-05-02 11:42:12 at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
2023-05-02 11:42:12 at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
2023-05-02 11:42:12 at javax.servlet.http.HttpServlet.service(HttpServlet.java:696)
2023-05-02 11:42:12 at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
2023-05-02 11:42:12 at javax.servlet.http.HttpServlet.service(HttpServlet.java:779)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)
2023-05-02 11:42:12 at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
2023-05-02 11:42:12 at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)
2023-05-02 11:42:12 at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)
2023-05-02 11:42:12 at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)
2023-05-02 11:42:12 at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
2023-05-02 11:42:12 at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
2023-05-02 11:42:12 at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
2023-05-02 11:42:12 at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at com.structurizr.onpremises.web.NoOpSpringSessionRepositoryFilter.doFilter(NoOpSpringSessionRepositoryFilter.java:14)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
2023-05-02 11:42:12 at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
2023-05-02 11:42:12 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:177)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
2023-05-02 11:42:12 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
2023-05-02 11:42:12 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
2023-05-02 11:42:12 at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
2023-05-02 11:42:12 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
2023-05-02 11:42:12 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
2023-05-02 11:42:12 at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
2023-05-02 11:42:12 at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
2023-05-02 11:42:12 at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:891)
2023-05-02 11:42:12 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1784)
2023-05-02 11:42:12 at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2023-05-02 11:42:12 at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
2023-05-02 11:42:12 at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
2023-05-02 11:42:12 at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
2023-05-02 11:42:12 at java.base/java.lang.Thread.run(Unknown Source)
2023-05-02 11:42:12 Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-05-02 11:42:12 at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.validator.Validator.validate(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
2023-05-02 11:42:12 ... 128 more
2023-05-02 11:42:12 Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-05-02 11:42:12 at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
2023-05-02 11:42:12 at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
2023-05-02 11:42:12 at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
2023-05-02 11:42:12 ... 133 more
I am struggling to run the on-premises version of the application in our kubernetes strack. And it's because the properties file is nested in the data directory.
I want to manage the config via configmap, and mount it to a filepath. And my data directory to be a volume mount. But you cannot mount a config map to disk over a volume mount.
Something simple to fix this would be to provide a way to point to the properties file outside of the data directory. Or alternatively, make all options available via ENV variable.
Use both a volume mount and configmap.
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nexus-diagrams
namespace: {{ .Values.namespace}}
spec:
selector:
matchLabels:
run: nexus-diagrams
replicas: {{ .Values.replicaCount }}
template:
metadata:
labels:
run: nexus-diagrams
spec:
containers:
- name: nexus-diagrams
image: structurizr/onpremises:3130
imagePullPolicy: Always
ports:
- containerPort: 8080
# readinessProbe:
# httpGet:
# path: /
# port: 8080
# initialDelaySeconds: 5
# periodSeconds: 10
# livenessProbe:
# httpGet:
# path: /
# port: 8080
# initialDelaySeconds: 10
# periodSeconds: 20
command:
- tail
- -f
- /dev/null
resources:
limits:
memory: 1Gi
requests:
memory: 512Mi
env:
- name: STRUCTURIZR_DATA_DIRECTORY
value: "/data"
volumeMounts:
- name: diagrams-storage-volume
mountPath: "/data"
- name: structurizr-properties
mountPath: "/data"
subPath: "structurizr.properties"
volumes:
- name: diagrams-storage-volume
persistentVolumeClaim:
claimName: diagrams-storage-pv-claim
- name: structurizr-properties
configMap:
name: properties-file
items:
- key: "config"
path: "structurizr.properties"
---
apiVersion: v1
kind: Service
metadata:
name: nexus-diagrams
namespace: {{ .Values.namespace}}
labels:
run: nexus-diagrams
spec:
ports:
- port: 8080
protocol: TCP
name: http
selector:
run: nexus-diagrams
---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: nexus-diagrams-ingress
namespace: {{ .Values.namespace}}
annotations:
traefik.ingress.kubernetes.io/router.middlewares: {{ .Values.namespace }}-whitelist@kubernetescrd
spec:
rules:
- host: {{ .Values.dnsName }}
http:
paths:
- backend:
service:
name: nexus-diagrams
port:
name: http
path: /
pathType: Prefix
tls:
- hosts:
- {{ .Values.dnsName }}
secretName: tls-nexus-diagrams-ingress
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: tls-nexus-diagrams-ingress
namespace: {{ .Values.namespace}}
spec:
secretName: tls-nexus-diagrams-ingress
dnsNames:
- {{ .Values.dnsName }}
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
group: cert-manager.io
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: whitelist
namespace: {{ .Values.namespace}}
spec:
ipWhiteList:
sourceRange:
{{- range .Values.vpnOfficeIps }}
- {{.}}{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: properties-file
data:
config: |
structurizr.url={{.Values.dnsName}}
structurizr.session=local
structurizr.data=file
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: diagrams-storage-pv-claim
spec:
accessModes:
- ReadWriteOnce
storageClassName: csi-cinder-sc-retain
resources:
requests:
storage: 1Gi
No response
No response
Using image: structurizr/onpremises:3130
Major
Low
I have no budget, please fix this for free
No response
I'm trying to deploy structurizr to a kubernetes cluster and trying to write a config map that uses env vars loaded from Secrets. This is to protect the passwords for Elastic Search and Redis.
The apache commons configuration should support env vars interpolated in the structurizr.properties file but it's not working, for example:
structurizr.url=${env:URL}
Can you suggest a work around?
From build 3002 and onwards, pulling or pushing an update on existing workspace that includes docs, throws a null pointer.
Steps to reproduce:
docker run -it --rm -p 8080:8080 structurizr/onpremises:3002
structurizr.sh push -url http://localhost:8080/api -id 1 -key 94435ac8-50d3-466e-b6f5-8395df84c02e -secret 1a0c7e22-07da-4340-ad8b-0eed3baae4ce -workspace workspace.dsl
structurizr.sh push -url http://localhost:8080/api -id 1 -key 94435ac8-50d3-466e-b6f5-8395df84c02e -secret 1a0c7e22-07da-4340-ad8b-0eed3baae4ce -workspace workspace.dsl
Pushing workspace 1 to http://localhost:8080/api
- creating new workspace
- parsing model and views from /home/gatos/git/structurizr-example/workspace.dsl
- merge layout from remote: true
- no views defined; creating default views
- storing previous version of workspace in null
- pushing workspace
Getting workspace with ID 1
SoftwareSystem://Service is missing a description.
Putting workspace with ID 1
{"success":true,"message":"OK","revision":2}
- finished
structurizr.sh push -url http://localhost:8080/api -id 1 -key 94435ac8-50d3-466e-b6f5-8395df84c02e -secret 1a0c7e22-07da-4340-ad8b-0eed3baae4ce -workspace workspace.dsl
Pushing workspace 1 to http://localhost:8080/api
- creating new workspace
- parsing model and views from /home/gatos/git/structurizr-example/workspace.dsl
- merge layout from remote: true
- no views defined; creating default views
- storing previous version of workspace in null
- pushing workspace
Getting workspace with ID 1
com.fasterxml.jackson.databind.JsonMappingException: (was java.lang.NullPointerException) (through reference chain: com.structurizr.Workspace["documentation"]->com.structurizr.documentation.Documentation["sections"]->java.util.HashSet[0])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:402)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:373)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:375)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:244)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:28)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4730)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3690)
at com.structurizr.io.json.JsonReader.read(JsonReader.java:39)
at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:332)
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:373)
at com.structurizr.cli.PushCommand.run(PushCommand.java:137)
at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:77)
at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:112)
Caused by: java.lang.NullPointerException
at com.structurizr.documentation.Section.hashCode(Section.java:67)
at java.base/java.util.HashMap.hash(HashMap.java:340)
at java.base/java.util.HashMap.put(HashMap.java:608)
at java.base/java.util.HashSet.add(HashSet.java:220)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:363)
... 17 more
com.structurizr.io.WorkspaceReaderException: Could not read JSON
com.structurizr.api.StructurizrClientException: com.structurizr.io.WorkspaceReaderException: Could not read JSON
com.structurizr.api.StructurizrClientException: com.structurizr.api.StructurizrClientException: com.structurizr.io.WorkspaceReaderException: Could not read JSON
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:420)
at com.structurizr.cli.PushCommand.run(PushCommand.java:137)
at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:77)
at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:112)
Caused by: com.structurizr.api.StructurizrClientException: com.structurizr.io.WorkspaceReaderException: Could not read JSON
at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:353)
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:373)
... 3 more
Caused by: com.structurizr.io.WorkspaceReaderException: Could not read JSON
at com.structurizr.io.json.JsonReader.read(JsonReader.java:50)
at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:332)
... 4 more
Caused by: com.fasterxml.jackson.databind.JsonMappingException: (was java.lang.NullPointerException) (through reference chain: com.structurizr.Workspace["documentation"]->com.structurizr.documentation.Documentation["sections"]->java.util.HashSet[0])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:402)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:373)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:375)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:244)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:28)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4730)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3690)
at com.structurizr.io.json.JsonReader.read(JsonReader.java:39)
... 5 more
Caused by: java.lang.NullPointerException
at com.structurizr.documentation.Section.hashCode(Section.java:67)
at java.base/java.util.HashMap.hash(HashMap.java:340)
at java.base/java.util.HashMap.put(HashMap.java:608)
at java.base/java.util.HashSet.add(HashSet.java:220)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:363)
... 17 more
Same steps work without problem on version 3001
Starting with tag #2951 of the on-premises Docker image the export diagrams button Publish all diagrams
button doesn't work. The following error is shown in the console of the debugging tools when the button is clicked:
Uncaught TypeError: structurizr.diagram.exportDiagramsToPNG is not a function
at publishAllViews (diagram-editor:1562:37)
at HTMLButtonElement.onclick (diagram-editor:1219:129)
I've verified that the button still works on the #2950 tag of the Docker image. Something in between these versions broke the functionality.
It would be nice to have a way to assign labels to versions so we can reference the architecture of a specific system at a specific version
Description:
SSO SAML Integration (AzureAD) stops working few minutes after the initial authentication.
How to reproduce:
Details:
APP: Structurizr onpremise installation
SSO: AzureAD with SAML
ERROR: 500 Error Sorry, something went wrong.
Logs:
attached below
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] FilterChainProxy - Securing POST /saml/SSO
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] SecurityContextPersistenceFilter - Set SecurityContextHolder to empty SecurityContext
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] FilterChainProxy - Securing POST /saml/SSO
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] SAMLProcessingFilter - Attempting SAML2 authentication using profile urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] ChainingMetadataProvider - Checking child metadata provider for entity descriptor with entity ID: structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Searching for entity descriptor with an entity ID of structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Metadata document did not contain a descriptor for entity structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Metadata document did not contain any role descriptors of type {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor for entity structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] AbstractMetadataProvider - Metadata document does not contain a role of type {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor supporting protocol urn:oasis:names:tc:SAML:2.0:protocol for entity structurizr-prod
[DEBUG] 2022-11-14 12:57:52.184 [http-nio-8080-exec-1] ChainingMetadataProvider - Checking child metadata provider for entity descriptor with entity ID: structurizr-prod
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] AbstractMetadataProvider - Searching for entity descriptor with an entity ID of structurizr-prod
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Building credential from keystore entry for entityID structurizr, usage type UNSPECIFIED
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Processing PrivateKeyEntry from keystore
[DEBUG] 2022-11-14 12:57:52.185 [http-nio-8080-exec-1] EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.xml.security.credential.criteria.EvaluableEntityIDCredentialCriteria for criteria class org.opensaml.xml.security.criteria.EntityIDCriteria
[DEBUG] 2022-11-14 12:57:52.186 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Building credential from keystore entry for entityID structurizr, usage type UNSPECIFIED
[DEBUG] 2022-11-14 12:57:52.186 [http-nio-8080-exec-1] KeyStoreCredentialResolver - Processing PrivateKeyEntry from keystore
[DEBUG] 2022-11-14 12:57:52.186 [http-nio-8080-exec-1] EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.xml.security.credential.criteria.EvaluableEntityIDCredentialCriteria for criteria class org.opensaml.xml.security.criteria.EntityIDCriteria
[DEBUG] 2022-11-14 12:57:52.187 [http-nio-8080-exec-1] StaticBasicParserPool - Setting DocumentBuilderFactory attribute 'http://javax.xml.XMLConstants/feature/secure-processing'
[DEBUG] 2022-11-14 12:57:52.187 [http-nio-8080-exec-1] StaticBasicParserPool - Setting DocumentBuilderFactory attribute 'http://apache.org/xml/features/dom/defer-node-expansion'
[DEBUG] 2022-11-14 12:57:52.187 [http-nio-8080-exec-1] StaticBasicParserPool - Setting DocumentBuilderFactory attribute 'http://apache.org/xml/features/disallow-doctype-decl'
[DEBUG] 2022-11-14 12:57:52.188 [http-nio-8080-exec-1] SAMLProcessorImpl - Retrieving message using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
[DEBUG] 2022-11-14 12:57:52.189 [http-nio-8080-exec-1] BaseMessageDecoder - Beginning to decode message from inbound transport of type: org.opensaml.ws.transport.http.HttpServletRequestAdapter
[DEBUG] 2022-11-14 12:57:52.189 [http-nio-8080-exec-1] HTTPPostDecoder - Decoded SAML relay state of: null
[DEBUG] 2022-11-14 12:57:52.189 [http-nio-8080-exec-1] HTTPPostDecoder - Getting Base64 encoded message from request
[DEBUG] 2022-11-14 12:57:52.190 [http-nio-8080-exec-1] BaseMessageDecoder - Parsing message stream into DOM document
[DEBUG] 2022-11-14 12:57:52.190 [http-nio-8080-exec-1] BaseMessageDecoder - Unmarshalling message DOM
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Constructing Apache XMLSignature object
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("Signature", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("SignedInfo", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("SignatureMethod", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureAlgorithm - Create URI "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" class "class org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256"
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] JCEMapper - Request for URI http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureBaseRSA - Created SignatureRSA using SHA256withRSA
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] ElementProxy - setElement("KeyInfo", "")
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
[DEBUG] 2022-11-14 12:57:52.191 [http-nio-8080-exec-1] SignatureUnmarshaller - Adding KeyInfo to Signature
[DEBUG] 2022-11-14 12:57:52.194 [http-nio-8080-exec-1] BaseMessageDecoder - Message succesfully unmarshalled
[DEBUG] 2022-11-14 12:57:52.194 [http-nio-8080-exec-1] HTTPPostDecoder - Decoded SAML message
[DEBUG] 2022-11-14 12:57:52.194 [http-nio-8080-exec-1] BaseSAML2MessageDecoder - Extracting ID, issuer and issue instant from status response
[DEBUG] 2022-11-14 12:57:52.195 [http-nio-8080-exec-1] PROTOCOL_MESSAGE -
<?xml version="1.0" encoding="UTF-8"?><samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://structurizr.slsystem.cloud/saml/SSO" ID="_6c861f5c-4615-4f4f-aaa7-981439a238e3" InResponseTo="a46j86d85736eh939d3g4e86aage13" IssueInstant="2022-11-14T11:57:05.652Z" Version="2.0">
<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/</Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_787d7cee-84fa-4f5d-95b7-903eb1cf0d00" IssueInstant="2022-11-14T11:57:05.652Z" Version="2.0">
<Issuer>https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/</Issuer>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="#_787d7cee-84fa-4f5d-95b7-903eb1cf0d00">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>sBznpOgfu/uw97TXmk3lcqaHIamD3XC1fb/r25yqMYU=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>O+nKDhZn++uKA==</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIC8DPHC</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
<Subject>
<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">[email protected]</NameID>
<SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<SubjectConfirmationData InResponseTo="a46j86d85736eh939d3g4e86aage13" NotOnOrAfter="2022-11-14T12:57:05.543Z" Recipient="https://structurizr.slsystem.cloud/saml/SSO"/>
</SubjectConfirmation>
</Subject>
<Conditions NotBefore="2022-11-14T11:52:05.543Z" NotOnOrAfter="2022-11-14T12:57:05.543Z">
<AudienceRestriction>
<Audience>structurizr-prod</Audience>
</AudienceRestriction>
</Conditions>
<AttributeStatement>
<Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid">
<AttributeValue>31f1b789-90e3-442a-acd2-d6ae8c8bda31</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier">
<AttributeValue>00f2e6c0-4ab6-4088-ada8-256ece971e66</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.microsoft.com/identity/claims/displayname">
<AttributeValue>Konstantin Polyakov (extern)</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider">
<AttributeValue>https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences">
<AttributeValue>http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
<AttributeValue>Konstantin</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
<AttributeValue>Polyakov</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
<AttributeValue>[email protected]</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
<AttributeValue>[email protected]</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/claims/Group">
<AttributeValue>guest</AttributeValue>
</Attribute>
</AttributeStatement>
<AuthnStatement AuthnInstant="2022-11-12T23:44:42.828Z" SessionIndex="_787d7cee-84fa-4f5d-95b7-903eb1cf0d00">
<AuthnContext>
<AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef>
</AuthnContext>
</AuthnStatement>
</Assertion>
</samlp:Response>
[DEBUG] 2022-11-14 12:57:52.195 [http-nio-8080-exec-1] BaseMessageDecoder - Evaluating security policy of type 'org.opensaml.ws.security.provider.BasicSecurityPolicy' for decoded message
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLSimpleSignatureSecurityPolicyRule - Evaluating simple signature rule of type: org.opensaml.saml2.binding.security.SAML2HTTPPostSimpleSignRule
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLSimpleSignatureSecurityPolicyRule - HTTP request was not signed via simple signature mechanism, skipping
[INFO ] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] SAMLProtocolMessageXMLSignatureSecurityPolicyRule - SAML protocol message was not signed, skipping XML signature processing
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseMessageDecoder - Successfully decoded message.
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - Checking SAML message intended destination endpoint against receiver endpoint
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - Intended message destination endpoint: https://structurizr.slsystem.cloud/saml/SSO
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - Actual message receiver endpoint: https://structurizr.slsystem.cloud/saml/SSO
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] BaseSAMLMessageDecoder - SAML message intended destination endpoint matched recipient endpoint
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] SAMLUtil - Found endpoint org.opensaml.saml2.metadata.impl.AssertionConsumerServiceImpl@36113b57 for request URL https://structurizr.slsystem.cloud/saml/SSO based on location attribute in metadata
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] HttpSessionStorage - Message a46j86d85736eh939d3g4e86aage13 not found in session 26EEC63FA2C71FC291414D44B958E0BD
[DEBUG] 2022-11-14 12:57:52.196 [http-nio-8080-exec-1] SAMLAuthenticationProvider - Error validating SAML message
org.opensaml.common.SAMLException: InResponseToField of the Response doesn't correspond to sent message a46j86d85736eh939d3g4e86aage13
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:139) ~[spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:87) [spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) [spring-security-core-5.6.2.jar:5.6.2]
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:87) [spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:223) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87) [spring-security-saml2-core-1.0.3.RELEASE.jar:1.0.3.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) [spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) [spring-web-5.3.23.jar:5.3.23]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) [spring-web-5.3.23.jar:5.3.23]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
at com.structurizr.onpremises.web.NoOpSpringSessionRepositoryFilter.doFilter(NoOpSpringSessionRepositoryFilter.java:14) [structurizr-onpremises.jar:?]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) [spring-web-5.3.23.jar:5.3.23]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) [spring-web-5.3.23.jar:5.3.23]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) [spring-web-5.3.23.jar:5.3.23]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
at org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:156) [spring-web-5.3.23.jar:5.3.23]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) [spring-web-5.3.23.jar:5.3.23]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.68]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.68]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) [catalina.jar:9.0.68]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) [catalina.jar:9.0.68]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) [catalina.jar:9.0.68]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) [catalina.jar:9.0.68]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [catalina.jar:9.0.68]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) [catalina.jar:9.0.68]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360) [catalina.jar:9.0.68]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) [tomcat-coyote.jar:9.0.68]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-coyote.jar:9.0.68]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) [tomcat-coyote.jar:9.0.68]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1789) [tomcat-coyote.jar:9.0.68]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:9.0.68]
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-util.jar:9.0.68]
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-util.jar:9.0.68]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:9.0.68]
at java.lang.Thread.run(Thread.java:829) [?:?]
[INFO ] 2022-11-14 12:57:52.197 [http-nio-8080-exec-1] SAMLDefaultLogger - AuthNResponse;FAILURE;95.223.73.245;structurizr-prod;https://sts.windows.net/31f1b789-90e3-442a-acd2-d6ae8c8bda31/;;;org.opensaml.common.SAMLException: InResponseToField of the Response doesn't correspond to sent message a46j86d85736eh939d3g4e86aage13
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:139)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:87)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182)
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:87)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:223)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at com.structurizr.onpremises.web.NoOpSpringSessionRepositoryFilter.doFilter(NoOpSpringSessionRepositoryFilter.java:14)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:156)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1789)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:829)
[DEBUG] 2022-11-14 12:57:52.198 [http-nio-8080-exec-1] SimpleUrlAuthenticationFailureHandler - Forwarding to /500
[DEBUG] 2022-11-14 12:57:52.198 [http-nio-8080-exec-1] DispatcherServlet - "FORWARD" dispatch for POST "/500", parameters={masked}
[DEBUG] 2022-11-14 12:57:52.198 [http-nio-8080-exec-1] RequestMappingHandlerMapping - Mapped to com.structurizr.onpremises.web.error.Http500Controller#showErrorPage(ModelMap)
[ERROR] 2022-11-14 12:57:52.199 [http-nio-8080-exec-1] Http500Controller - null```
I successfully uploaded workspaces to the time when we hit 413 payload too large
` at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:420)
at com.structurizr.cli.PushCommand.run(PushCommand.java:137)
at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:81)
at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:119)
Caused by: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
at [Source: (String)"
Task :structurizrCliPush FAILED
`
I'm going on vacations so didn't have an opportunity to debug it. Anyway would be good if there are any hints to overcome this once will be back.
Quite big workspace with something around 100-150 containers, deployments, etc.
BTW, it's still rendered on Structurizr Lite.
No response
No response
No response
Critical
Medium
I have no budget, please fix this for free
For now will not have a time to fix it, but would be forced if there will be no solution
Originally posted by cavies March 16, 2023
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1071)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:964)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:670)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
[WARN ] 2023-03-16 07:05:03.572 [http-nio-8080-exec-3] S3AbortableInputStream - Not all bytes were read from the S3ObjectInputStream, aborting HTTP connection. This is likely an error and may result in sub-optimal behavior. Request only the bytes you need via a ranged GET or drain the input stream after use.
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
Hi Simon,
Short question:
I followed the instructions here https://structurizr.com/help/web-api to upload a workspace definition. I plan to to in from a ci/cd chain, where I only have access to the workspace.dsl -> no json. After the update there are no diagrams in the ui, I need to go to the editor, click save and then it works.
Is there a way to generate the json after the upload?
Thanks!
We're using Structurizr on-premises with SAML SSO authentication using Azure AD. After hours of usage, when a user returns to Structurizr and tries to sign back in they are redirected to /saml/SSO' and see a message
Error, Sorry, something went wrong.`. No matter what we try to do, the user won't be able to sign back in with that browser. We've tried clearing all application data, restarting the browser or restarting the Structurizr container.
What works is opening an in-private window and sign back in. Most of the time the next day it suddenly works again.
I've checked the logs on disk and the only logs I find are these:
[ERROR] 2023-03-15 14:55:23.725 [http-nio-8080-exec-7] Http500Controller - null
[ERROR] 2023-03-15 14:55:31.897 [http-nio-8080-exec-8] Http500Controller - null
[ERROR] 2023-03-15 14:55:52.211 [http-nio-8080-exec-6] Http500Controller - null
Checking the network activity when clicking on the sign-in button I see a successful request is made to ttps://login.microsoftonline.com//saml2.
Any help to further investigate this issue is welcome. It's not blocking since we can still use Structurizr in an in-private window and the next day it will resolve itself. Is there a way to turn on more verbose logging? Are sessions stored on disk and is there a way I can clear them?
I'm looking to get the on premises instance up and running in my company but it will be exposed publicly on the internet.
I'm weary of people accidentally exposing workspaces by default because they don't realise they need to limit access manually.
I'd love a config property that prevents access until a user is logged in. Ideally right as the page is initially loaded redirect to login if the user is not authenticated.
Medium
I'm willing to add this feature myself and raise a PR
I'd be willing to dig in and try get this working myself but I'm not very familiar with Spring and Spring Security.
If some guidance can be provided I'll try pick it up, else if someone else is happy to do it that would be great to.
Creating a Review with multiple Diagrams will fail because the size of the POST request exceeds the default Tomcat maxPostSize, Therefore, when building a dock image, it is necessary to modify the value of maxPostSize in tomcat/conf/server.xml. It is recommended to set it to 100M.
Use Big Bank plc as example
Open Diagrams
Click Create review
button
Click Create
The page was redirected to /user/review/create
, which should have been redirected to the /review/{token}
Minor
The structurizr.log isnt currently logging either. This is a security issue that I need to rectify.
I'm running the onprem version at work.
Everything was working fine until i updated from 2941 to 2983.
The diagrams wont load anymore. I have tried a minimal example, and from what i can find, the problem is visible when using "theme default" inside of the view block.
The following workspace is working as expected:
workspace Test {
model {
user = person "User"
softwareSystem = softwareSystem "Software System"
user -> softwareSystem "Uses"
}
views {
systemContext softwareSystem "SystemContext" {
include *
autoLayout lr
}
}
}
but adding theme default like the workspace under is not drawing diagrams.
workspace Test {
model {
user = person "User"
softwareSystem = softwareSystem "Software System"
user -> softwareSystem "Uses"
}
views {
theme default
systemContext softwareSystem "SystemContext" {
include *
autoLayout lr
}
}
}
Properties file is required to have e.g. DSL editor enabled. It would be great if the application could check first if a properties file is present, and if not present check if properties have been provided through the environment. This would help with running it on a fresh Kubernetes using persistent volumes.
Medium
I have no budget, please add this feature for free
No response
Hi,
We're using the version 2876
, deployed using Tomcat.
The application stops immediately after the startup with:
05-Dec-2022 16:09:55.928 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [6264] milliseconds
[ERROR] 2022-12-05 16:09:57.968 [http-nio-8080-exec-1] Http500Controller - null
It used to work very well a couple of days ago, until we had an out-of-disk-space issue. We restarted the app after the disk size was increased and this problem started to appear, making the app not available at all.
Is there a way to get more information in the logs about the root cause of this error?
Thanks,
Damien
Hi - I'm having a bit of trouble setting up Structurizr On-Prem behind a custom domain using an Azure Front Door reverse proxy. Structurizr itself is hosted on an appservice like
https://mystructurizrinstance.azurewebsites.net/
But the site is accessed via the Front Door at
https://structurizr.mydomain.com/
I've set the properties as so:
structurizr.authentication=saml
structurizr.url=https://structurizr.mydomain.com
structurizr.replyurl=https://structurizr.mydomain.com/saml/SSO
structurizr.saml.entityId=structurizr
And the site works, images load etc. But when I try to log in, the cookie is blocked because the domain name is still set to the azurewebsites.net
rather than mydomain.com
.
Therefore I just get
With dev tools showing:
I'm not sure how I can configure the domain of the SAML cookie, should it not come from the domain of the structurizr.url
? Any help would be much appreciated!
We have SAML authentication set up with an Azure AD. It works great about half of the times. The other half we get 405 Metod Not Allowed when redirected from authentication, back to {structurizr.url}/saml/SSO. It starts working again after some time, some reloading or starting an incognito browser session. I’m not at all ruling out that the problem is in the AD, but would just like to see if someone here recognizes the problem.
structurizr push
Pushing workspace 2 to REDACTED
- creating new workspace
- parsing model and views from REDACTED
- merge layout from remote: true
- storing previous version of workspace in null
- pushing workspace
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Nov 22, 2022 2:32:16 PM com.structurizr.api.StructurizrClient getWorkspace
INFO: Getting workspace with ID 2
Nov 22, 2022 2:32:16 PM com.structurizr.api.StructurizrClient getWorkspace
SEVERE: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
at [Source: (String)""; line: 1, column: 0]
Nov 22, 2022 2:32:16 PM com.structurizr.api.StructurizrClient putWorkspace
SEVERE: com.structurizr.api.StructurizrClientException: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
at [Source: (String)""; line: 1, column: 0]
com.structurizr.api.StructurizrClientException: com.structurizr.api.StructurizrClientException: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
at [Source: (String)""; line: 1, column: 0]
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:420)
at com.structurizr.cli.PushCommand.run(PushCommand.java:133)
at com.structurizr.cli.StructurizrCliApplication.run(StructurizrCliApplication.java:29)
at com.structurizr.cli.StructurizrCliApplication.main(StructurizrCliApplication.java:82)
Caused by: com.structurizr.api.StructurizrClientException: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
at [Source: (String)""; line: 1, column: 0]
at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:353)
at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:373)
... 3 more
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
at [Source: (String)""; line: 1, column: 0]
at com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
at com.fasterxml.jackson.databind.ObjectMapper._initForReading(ObjectMapper.java:4765)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4667)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3629)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3597)
at com.structurizr.api.ApiResponse.parse(ApiResponse.java:46)
at com.structurizr.api.StructurizrClient.getWorkspace(StructurizrClient.java:347)
... 4 more
When using the CLI to push a workspace to the structurizr/onpremises:3142 API, the request times out and the CLI logs ""java.net.SocketTimeoutException: Read timed out". Even though this error is logged, the UI is updated with the new workspace, and seems to be working fine from that perspective.
Expected result:
Actual result:
No response
No response
No response
Minor
Low
I have no budget and there's no rush, please fix this for free
No response
Dear authors,
while exploring structurizr
I created helm (based on initial effort found in https://github.com/virtualroot/charts/commits/main/charts/structurizr). My changes have been to add PVC support, custom mounts, and the ability to override the property file.
I would be glad to contribute all my changes to the upstream, to have a straightforward way to install structurizr in Kubernetes. My version of the helm is available at https://github.com/samm-git/structurizr-chart, please let me know if you are willing to accept it, I can do a PR, or you can import it to the new repo.
Thank you
Low
I'm willing to add this feature myself and raise a PR
No response
Hello.
I'd like to add ability to create and remove workspaces by api in structurizr.
It seems like a straight thing to do.
Are there any risks or things that I need to take under consideration?
We need this feature to automatically deploy branches with structurizr dsl to the on prem installation for review.
Cheers.
Medium
I'm willing to add this feature myself and raise a PR
No response
When using a Docker image later than 2950, the /preview
route no longer exists.
For example, using 2951:
[WARN ] 2023-02-28 23:26:56.672 [http-nio-8080-exec-1] PageNotFound - No mapping for POST /preview
[WARN ] 2023-02-28 23:26:56.684 [http-nio-8080-exec-1] DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]
I suspected an issue with dslEditor
, but even toggling that property to true
results in the same output.
I setup Structurizr in our on-premise Kubernetes environment, and everything works well, including Redis, but it's not communicating with ElasticSearch correctly (8.7.0)
I figured out that the issue is related to the fact that ElasticSearch has deprecated the use of "mapping types" for all versions >5.6 and it is no longer supported in 8.
I think the only change required would be to update the ElasticSearchComponentImpl.java from:
private static final String DOCUMENT_TYPE = "document";
to:
private static final String DOCUMENT_TYPE = "_doc";
Setup Structurizr in Docker or Kubernetes environment to use ElasticSearch 8.7.0.
No response
No response
No response
Major
Medium
I'm willing to fix this myself and raise a PR
No response
For example, modify the workspace API/secret pair.
Medium
I'm willing to add this feature myself and raise a PR
No response
Hi, I am creating a Maven pom.xml for my Structurizr onpremises build. I want to add the correct version number for the artefacts, but I can’t see a version number in the Gradle configs. That implies, I think, that the version is set when the Gradle build is executed, but I can’t see where that is either.
Can anyone help here please?
Many thanks
Nathan
I use the version 2956
Sometimes (many times) when I make changes ( in dslEditor or in diagram view) , then save workspace, I will find a problem in the javascript console. The put request returned a 400 status code with the following information
{
“success”: false,
“message”: “The workspace could not be saved because a newer version has been created by XXX at XXXX.”
}
However, there is no prompt on the UI, and the “SAVE workspace” button is grayed out. A few times ago, I didn’t know that I didn’t save successfully. After returning to the dashboard, I found that my changes didn’t exist. I felt very disappointed. I wonder if you can consider giving a prompt on the UI when saving fails to avoid this situation.
In addition, I can be sure that no one is editing and uploading this workspace synchronously except me. Why does it fail to save? Why is there a new version? I looked up the open source code on your github and found that this might be caused by the separate storage of workspace metadata and workspace.dsl. I wonder if the metadata update succeeds sometimes, but the workspace.dsl itself fails? (Maybe my guess is wrong, please forgive me)
I wonder if you can provide a management entry about Review on the Dashboard to view the list of Review links I created. Now I need to manually save the token, which may lead to forgetting. It would be best if you could provide the deletion of the review link.
While looking at the code i found that graphviz is always enabled:
https://github.com/structurizr/onpremises/blob/main/src/main/java/com/structurizr/onpremises/util/Configuration.java#L44
Is this by design? In that case the documentation should be updated.
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1071)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:964)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:670)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
[WARN ] 2023-03-16 07:05:03.572 [http-nio-8080-exec-3] S3AbortableInputStream - Not all bytes were read from the S3ObjectInputStream, aborting HTTP connection. This is likely an error and may result in sub-optimal behavior. Request only the bytes you need via a ranged GET or drain the input stream after use.
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.Properties$LineReader.readLine(Unknown Source)
at java.base/java.util.Properties.load0(Unknown Source)
at java.base/java.util.Properties.load(Unknown Source)
at com.structurizr.onpremises.component.workspace.AmazonWebServicesS3WorkspaceDao.getWorkspaceMetaData(AmazonWebServicesS3WorkspaceDao.java:271)
at com.structurizr.onpremises.component.workspace.AbstractWorkspaceDao.getWorkspaces(AbstractWorkspaceDao.java:21)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:65)
at com.structurizr.onpremises.component.workspace.WorkspaceComponentImpl.getWorkspaces(WorkspaceComponentImpl.java:73)
at com.structurizr.onpremises.web.home.HomePageController.show(HomePageController.java:47)
at com.structurizr.onpremises.web.home.HomePageController.showDashboardPage(HomePageController.java:43)
at com.structurizr.onpremises.web.home.HomePageController.showHomePage(HomePageController.java:29)
at com.structurizr.onpremises.web.home.HomePageController$$FastClassBySpringCGLIB$$a2b80b9e.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.structurizr.onpremises.web.home.HomePageController$$EnhancerBySpringCGLIB$$e92e9099.showHomePage()
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
Version 2956:The Save Workspace button is not available when i manually layout without click render
I'm having a strange issue with our on-premises installation since we changed our S3 secret/key.
The initial page (http://example.com/) loads and shows all workspaces. The same applies for the diagram page (http://example.com/share/7/diagrams), but the configuration/home page for the diagram (http://example.com/share/7) returns an status code 500 with the text:
Error
Sorry, something went wrong.
I tried to debug changing the log4j2 levels to ALL, but nothing is logged:
[INFO ] 2023-09-21 20:16:51.704 [main] ContextLoaderListener - ***********************************************************************************
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener - _____ _ _ _
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener - / ____| | | | (_)
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener - | (___ | |_ _ __ _ _ ___| |_ _ _ _ __ _ _____ __
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener - \___ \| __| '__| | | |/ __| __| | | | '__| |_ / '__|
[INFO ] 2023-09-21 20:16:51.711 [main] ContextLoaderListener - ____) | |_| | | |_| | (__| |_| |_| | | | |/ /| |
[INFO ] 2023-09-21 20:16:51.712 [main] ContextLoaderListener - |_____/ \__|_| \__,_|\___|\__|\__,_|_| |_/___|_|
[INFO ] 2023-09-21 20:16:51.712 [main] ContextLoaderListener -
[INFO ] 2023-09-21 20:16:51.712 [main] ContextLoaderListener - Structurizr on-premises installation
[INFO ] 2023-09-21 20:16:51.715 [main] ContextLoaderListener - - build: 3080 (2023-06-21T09:31:25Z
[INFO ] 2023-09-21 20:16:51.719 [main] ContextLoaderListener - - structurizr-java: v1.24.1
[INFO ] 2023-09-21 20:16:51.748 [main] ContextLoaderListener - - structurizr-dsl: v1.30.2
[INFO ] 2023-09-21 20:16:51.749 [main] ContextLoaderListener - - structurizr-import: v1.4.1
[INFO ] 2023-09-21 20:16:51.787 [main] ContextLoaderListener - Data directory: /usr/local/structurizr (r: true; w: true; x: true)
[INFO ] 2023-09-21 20:16:51.788 [main] ContextLoaderListener - URL: (removed for privacy)
[INFO ] 2023-09-21 20:16:51.800 [main] ContextLoaderListener - Memory: used=604MB; free=419MB; total=1024MB; max=1024MB
[INFO ] 2023-09-21 20:16:51.800 [main] ContextLoaderListener -
[INFO ] 2023-09-21 20:16:51.801 [main] ContextLoaderListener - Authentication: file
[INFO ] 2023-09-21 20:16:51.801 [main] ContextLoaderListener - Session: local
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - Data storage: aws-s3
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - Search: lucene
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - dot: true
[INFO ] 2023-09-21 20:16:51.802 [main] ContextLoaderListener - DSL editor: false
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - Safe mode: true
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - ***********************************************************************************
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - MIT License
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener -
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - Copyright (c) 2023 Structurizr Limited
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener -
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - Permission is hereby granted, free of charge, to any person obtaining a copy
[INFO ] 2023-09-21 20:16:51.803 [main] ContextLoaderListener - of this software and associated documentation files (the "Software"), to deal
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - in the Software without restriction, including without limitation the rights
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - copies of the Software, and to permit persons to whom the Software is
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - furnished to do so, subject to the following conditions:
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener -
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - The above copyright notice and this permission notice shall be included in all
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener - copies or substantial portions of the Software.
[INFO ] 2023-09-21 20:16:51.804 [main] ContextLoaderListener -
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
[INFO ] 2023-09-21 20:16:51.805 [main] ContextLoaderListener - SOFTWARE.
[INFO ] 2023-09-21 20:16:51.806 [main] ContextLoaderListener - ***********************************************************************************
21-Sep-2023 20:16:55.794 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps/ROOT.war] has finished in [11,286] ms
21-Sep-2023 20:16:55.797 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
21-Sep-2023 20:16:55.812 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [11470] milliseconds
My log42j file looks like this:
appender.console.type = Console
appender.console.name = LogToConsole
appender.console.layout.type = PatternLayout
appender.console.layout.pattern = [%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n
appender.file.type = File
appender.file.name = LogToFile
appender.file.fileName=${sys:structurizr.dataDirectory}/logs/structurizr.log
appender.file.layout.type=PatternLayout
appender.file.layout.pattern=[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n
logger.app.name = com.structurizr
logger.app.level = ALL
logger.app.additivity = false
logger.app.appenderRef.console.ref = LogToConsole
logger.app.appenderRef.file.ref = LogToFile
logger.springSecurity.name = org.springframework.security
logger.springSecurity.level = ALL
logger.springSecurity.additivity = false
logger.springSecurity.appenderRef.console.ref = LogToConsole
logger.springSecurity.appenderRef.file.ref = LogToFile
rootLogger.level = ALL
rootLogger.appenderRef.stdout.ref = LogToConsole
rootLogger.appenderRef.file.ref = LogToFile
I had this behavior in the past and could debug as something related to trying to access the s3 object history, but could not reproduce this time.
1 - run the Structurizr on premises pointing to S3 bucket;
2 - access the home of the workspace;
3 - get the 500 error page.
No response
No response
build: 3080 (2023-06-21T09:31:25Z
Major
Low
I'm willing to fix this myself and raise a PR
No response
Hello,
I saw you have configuration in a file.
Is there a way to set those values in environment variables?
Thank you.
Hi Simon,
i'm having unexpected problems using structurizr/onpremises Docker Container on OSX (MacBook Pro)
I'm starting the container with
docker run -it --rm -p 8080:8080 -v /Users/uwe/architecture/c4model/.structurizr_data:/usr/local/structurizr structurizr/onpremises
I get the following error message back
Cannot find /usr/local/tomcat/bin/setclasspath.sh
This file is needed to run this program
A similar behaviour for tomcat in Docker Containers is described here and here
Somehow it has to do with some incompatibilities between the installed Tomcat version in the Docker container and the used Docker version, that leads to a situation, where a simple test in the started catalina.sh fails
if [ -r "$CATALINA_HOME"/bin/setclasspath.sh ]; then
. "$CATALINA_HOME"/bin/setclasspath.sh
else
echo "Cannot find $CATALINA_HOME/bin/setclasspath.sh"
echo "This file is needed to run this program"
fi
Unfortunately my possibilities to fix this are very limited as i have no possibility to change the content of the provided Docker Container and the used Tomcat version there.
I've already upgraded my Docker installation to latest available version
docker --version
Docker version 20.10.20, build 9fdeb9c3de
I'm running on
uname -a
Darwin LT958.local 21.5.0 Darwin Kernel Version 21.5.0: Tue Apr 26 21:08:22 PDT 2022; root:xnu-8020.121.3~4/RELEASE_X86_64 x86_64
Do you have any suggestions how to make structurizr/onpremises working?
Thanks a lot
Uwe
Admin users should be able to see all workspaces on an on-premises installation.
It appears that the onpremise node is expecting some kind of state, perhaps a cookie, when logging in. Speculation: when running two pods in a round-robin load balancer, it is possible to login to the pod that didn't originate the token.
Is there some kind of HA setting I'm missing?
I have S3 configured and working.
I am trying to configure Structurizer On-Premise with Azure AD SAML Authentication, but when Azure is redirecting to the application it returns 405.
I am using latest docker build (3038).
Configure SAMl Single Sing-on in Azure AD as described here https://structurizr.com/share/18571/documentation#saml-20
Azure AD
Structurizer configuration
Redirect result
No response
No response
Minor
Medium
I have no budget, please fix this for free
No response
When trying to follow the directions to configure Keycloak SAML 2.0 as the authentication for Structurizr, using the pre-built docker image (3140 or later) no redirect occurs to the SSO login; instead, an exception is thrown. I had to find the exception in tomcat/logs/localhost.<date>.log
file as it did not appear in log output on screen.
The thrown exception:
org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [root] in context with path [] threw exception [org.opensaml.ws.message.encoder.MessageEncodingException: Error creating output document] with root cause
java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1412)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1220)
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Unknown Source)
at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
...
...
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Unknown Source)
Reverting to docker tag 3138 fixes the issue.
This seems maybe related to this ESAPI/esapi-java-legacy#695
Follow the Structurizr SAML 2.0 Keycloak setup guide verbatim using structurizr/onpremises:3140
or later
No response
No response
No response
Major
High
I have no budget and there's no rush, please fix this for free
No response
It would be great if we could specify an alternate S3 endpoint in the configuration, in order to use 3rd-party S3-compatible provider likes Scaleway's Object Storage
They use virtual-hosted–style notation.
Exemple
structurizr.data=aws-s3
aws-s3. accessKeyId=XXXXXX
aws-s3.secretAccessKey=XXXXXX
aws-s3.endpoint=s3.fr-par.scw.cloud
aws-s3.region=fr-par
aws-s3.bucketName=structurizrDemo
The final endpoint is https://structurizrDemo.s3.fr-par.scw.cloud
I may be able to add this if I take time to learn Java 😅
Thanks !
Low
I have no budget, please add this feature for free
No response
I've started onprem on my machine using docker pull/run. I am able to access the tool on localhost:8080. Also, I can create workspaces. The problem is that it shows that workspace is empty, eventhough I added workspace.dsl into the folder. The file is from getting started:
workspace {
model {
user = person "User" "A user of my software system."
softwareSystem = softwareSystem "Software System" "My software system."
user -> softwareSystem "Uses"
}
views {
systemContext softwareSystem "SystemContext" {
include *
autoLayout
}
styles {
element "Software System" {
background #1168bd
color #ffffff
}
element "Person" {
shape person
background #08427b
color #ffffff
}
}
}
}
docker pull structurizr/onpremises:latest
docker run...
access localhost:8080 using browser
create new workspace
open workspace page - workspace is empty
access the folder created in previous step
put workspace.dsl into the folder
open workspace page again - workspace is still empty
No response
No response
No response
Minor
Low
I have no budget, please fix this for free
No response
Whether Workspace Version can be supported when using aws-s3 data storage
Docker image (tag: 2996
) throws an unsupported method error for /saml/SSO
after redirecting to IdP.
[WARN ] 2023-03-01 21:44:47.408 [http-nio-8080-exec-5] DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]
Is POST not supported? Did I configure something incorrectly?
Hi,
For now we are using local storage for structurizr on premise and we are starting to get out of disk space errors.
We are uploading very often new versions of structurizr workspaces in our automated pipelines. Often even without changes. So a few questions on what are operationally our options:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.