Book a Demo

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - ppeeters

Pages: [1] 2
1
I did try both proposals and they both give the same error while providing a correct result.
However I have narrowed down the problem to the creation element with a stereotype from an added model MDG.
I've tried with the stock APM MDG than can be build with v17 and it gives the same error if a use one of the stereotype defined in the MDG.
If I create a new simple UML class, there is no error.

It looks like a "bug" then even though the script is succefully executed.

2
Hi,

I'm new to model add-ins and tried to implement a javascript addin the is triggered on EA_OnPostNewElement to fill in a specific tagged value of elements of a given stereotype (defined using an MDG).

I cannot get rid of an error that occurs while retrieving the element being created:

Part of the code of the EA_OnPostNewElement reception method start with

Code: [Select]
// Configuration
var STEREOTYPE_NAME = "TEA_Capability"; // Stereotype to be catched
var TAGGEDVALUE_NAME = "Capability ID"; // Tagged value name
var ID_PREFIX = "CAP"; // ID prefix
// Extract ID from Info
var elementId, newElement;
elementId = Info.Get("ElementID");
newElement = Repository.GetElementByID(elementId);
if (newElement) {
    if (newElement.Stereotype != STEREOTYPE_NAME) {
        return false;
    }
    // Check if tagged value already exists and has a value
    var tvs = newElement.TaggedValues;

The method is invoked when creating a new element of the given stereotype but it outputs the message:
Code: [Select]
Invocation error in: addin.EA_OnPostNewElement
------------------------------------------------
  12:    // Extract ID from Info
  13:    var elementId, newElement;
  14:    elementId = Info.Get("ElementID");
  15:    newElement = Repository.GetElementByID(elementId);             [!!!! Exception in GetElementByIDInternal application error.]
  16:    if (newElement) {
  17:        if (newElement.Stereotype != STEREOTYPE_NAME) {
  18:            return false;
  19:        }
  20:        // Check if tagged value already exists and has a value
--------------------------------------------------

However the method completes succefully and the tagged value is updated as expected.

I'm using EA v17.0

Any idea what the problem might be ?

Thanks

3
PCS General Board / Re: Repository authentication through PCS
« on: April 23, 2024, 06:53:31 pm »
Hello,

In our company we use a specialized AD group for externals who need to consult PCS
We deliberately chose not to engage in OpenID as apparently according to our security team it is possible to hijack access validation via simple scripts.

Interesting! Do you have any references ?
BTW, our repo is not open to people outside our organization. OpenID authentication relies on our corporate IdP using dedicated groups.

4
PCS General Board / Re: Repository authentication through PCS
« on: April 22, 2024, 04:35:26 pm »
Hi all,

Thanks for the precision. I have collected the log from the "System Output"

Using Sparx EA 16.1.1625 (64bits)

PCS is hosted and managed by prolaborate (AWS)

Connect from corporate network :

Quote
Attempting to log in Windows SSO user: 'my login name'
Checking for user's Windows linked groups
User is a member of Windows groups: followed by the list of 70+ AD groups I'm member of
User's Windows groups linked to Enterprise Architect groups: the AD group authorized to use the repository <-> Authors
User's Windows groups not linked to any Enterprise Architect group: list AD groups not mapped to any repository group
Login: Logged in as Windows user 'my login name'.

Now connecting from a home using public network (same PCS endpoint, same repository security configuration)

Quote
Attempting to log in Windows SSO user: 'my login name'
Failed to get current user from Active Directory.
The specified domain either does not exist or could not be contacted.

Login: Non-Domain users are not allowed (username: my upn login)
Attempting to log in OpenID SSO user
and the OpenID dialog shows up.

Configuration is:
  • accept windows authentication
  • accept OpenID authentication
  • automatically create and modify windows or openid users
  • One AD group is mapped to one repository group both for windows authentication and openid

Should I autorise non-domain users ?

5
PCS General Board / Repository authentication through PCS
« on: April 19, 2024, 10:07:29 pm »
Hi all,

We recently moved our on-premise DB repository where Windows authentication was activated to a cloud-based repository using PCS for Sparx EA access. We keep the Windows authentication settings but add an OpenID option using our Azure AD (now Entra ID) IdP synchronized with our on-premises AD.
I'm not an expert in Windows domain security therefore I'm not sure I'm using the correct wording.
Connecting from within on-premise, the Windows authentication is "propagated" to PCS and authentication succeeds as usual using the AD group mapping defined.
However, if we try to connect from home (without any VPN), windows authentication fails and Sparx EA proposes an OpenID authentication (which succeeds).
Not being familiar with the Windows ID propagation, is it the expected behavior? Does Sparx EA try to negotiate with the on-premise AD and fail? If yes, this means then that OpenID is the only authentication method available remotely. This is not a problem but our users might be surprised by this behaviour.

Thanks for your clarification.

6
Hi,

I've just filled in a bug report. We'll see...

7
Hi all,

I'm using EA v16.1 (64bits) with a repository where security is activated and user lock required.
I have a problem restoring a baseline due to a locking issue together with the presence of a 'Annotions' type package '...{}' in the package I want to restore.
Initially, I have a package with some diagrams and elements but no 'annotations' (Notes, boundary...). I take a lock on that package and its content and make a v1.0 baseline.
Next I add a note to one diagram. This create an annotation '...{}' package containing the note element.
If I try to restore my original v1.0 baseline, it fails with the message
"One or more item under the current package are security locked, all items must be unlocked before performing this action"
This happens as soon as an annotation sub-packaged is present in the model.

Note that if I move the note out of the baselined package, restoring works.
Any idea ?

There is no problem with v15.2

8
I submitted a bug report for the slow connection, wait and see...
Concerning the UPN switch, I have checked with the latest v15.2 release (1560) and it is already implemented there. We still have the release 1554 deployed here and it was not yet implemented.
We still want to keep both v15.2 and v16 64bits available to ease the transition to the new QEA local repo format.
In any case, it looks like we should wait for the next v16 release.

Thanks for your feedback, Geert

9
Yes, I closed the model and reopened it : it is still slow to connect displaying the same very verbose  AD related system output.
The duplicate UserLogin is really annoying too. Should I submit a bug report ?

I was not aware of the browser bug you mentionned.
Apparently EA16 is still not ready for deployment here...

10
Ok, here is what I tried:

I update the schema to 1558 using the 'EASchema_Alter1220to1558_SQLServer.sql' script
I deleted my user

I reconnect using EA16 : same result : 20 seconds to connect (same system output) and my user is recreated using the email. The locks are indeed lost.
I reconnect using EA15 : 3 seconds to connect BUT a new user is created using 'DOMAIN\uid' as UserLogin !

System output EA15
Login: Logged in as Windows user 'Philippe Peeters (STIB-MIVB\peetersp)'.
Login: Added Windows user 'Philippe Peeters (STIB-MIVB\peetersp)' to model.
Login: Added Windows user 'Philippe Peeters (STIB-MIVB\peetersp)' to group 'Authors'.
Login: Logged in as Windows user 'Philippe Peeters (STIB-MIVB\peetersp)'.



Now have 2 different users in t_secuser depending on the version used to connect !

11
Thanks Geert, I'll try that but what will happen to the author of existing objects in the model ?

12
Hi,

We are testing EA v16 64bits (1605). We are connecting to DB repositories (SQLServer) and the models are configured with Windows user security and authentication. A specific AD group is also linked to the "Authors" group and populated with authorized users.
With EA v15.2, the connection to the model takes a couple of second while using EA v16 64bits it takes several tens of seconds. When connecting remotely through the enterprise VPN it might even takes a couple of minutes to connect !

I note in the System output that EA15 only displays
Login: Logged in as Windows user 'userid (DOMAIN\userid)'.

while EA16 display:

Attempting to log in Windows SSO user: 'userid, DOMAINN\userid'
Checking for user's Windows linked groups
User is a member of group: 'XXXX'

...

then a list of 69 AD groups I'm member of is slowy dumped on the console
then

User is a member of 69 groups

then, for each AD group :
User's Windows group 'DOMAIN\GROUPNAME' is not linked to any Enterprise Architect group

69 times

and eventually:

Login: Windows user 'Firstname Lastname (mail address)' is not a member of the model.
Login: Logged in as Windows user 'Firstname Lastname (mail address))'.


This behaviour is quite new to me. Is this an expected behaviour and, if yes, can it be disable ? Is it a bug ? Users won't definitely be happy...

Note :
the SQLServer schema is pre-1558
"Automatically create or modify Windows or OpenID users" is checked.


13
I got the answer from Sparx and, as expected, it works as designed : only Archimate2 and 3 stereotype are exported.

14
Thanks for your reply Geert.
That's what I did. Wait and see...

15
Hi,

I've create a custom MDG where, for instance, I've a stereotype specializing an "Archimate3::Archimate_ApplicationComponent" by defining a set of Tagged value.
I noticed however that any instance of that stereotype in an archimate model is not exported at all using the Archimate "Model Exchange File" ; all other "native" archimate objects are present while my custom stereotype are just missing (they do appear when exporting as an XMI of course).
Is this the expected behaviour ? If yes, is there any "trick" to make them exportable using Model Exchange ?

Pages: [1] 2