Skip to first unread message
Martyn Klassen
May 4, 2020, 9:07:39 AM5/4/20
to dcm4che
I am having CORS (cross-origin resource sharing) with docker installation of dcm4chee-arc-sql-5.22.1-secure. When I use the latest docker images defined on (https://github.com/dcm4che/dcm4chee-arc-light/wiki/Running-on-Docker), I get an indefinite spinning circle after login. I am following https://github.com/dcm4che/dcm4chee-arc-light/wiki/Run-secured-archive-services-and-Elastic-Stack-on-a-single-host configuration with the following docker images:
dcm4che/keycloak:9.0.2
dcm4che/keycloak-gatekeeper:9.0.2
dcm4che/logstash-dcm4chee:7.6.0-10
dcm4che/slapd-dcm4chee:2.4.48-22.1
dcm4che/postgres-dcm4chee:12.2-22
cm4che/dcm4chee-arc-psql:5.22.1-secure
docker.elastic.co/elasticsearch/elasticsearch-oss:7.6.2
docker.elastic.co/kibana/kibana-oss:7.6.2
This issue is also present if I use version 5.22.0, but not present if I down grade to version 5.21.0, i.e. keep all the other latest docker images, keycloak configuration, etc and just downgrade the two docker images
dcm4che/dcm4chee-arc-psql:5.21.0-secure
dcm4che/slapd-dcm4chee:2.4.48-21.0The CORS errors reported by the browser are
[Error] Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin.
[Error] Failed to load resource: Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin. (auth, line 0)
https://arc.local:8843/auth/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=https%3A%2F%2Farc.local%3A8443%2Fdcm4chee-arc%2Fui2%2Fpolyfills-es2015.4630fac39746bda5ff94.js&state=60aa51de-48c3-4c57-8a69-d09973b80e73&login=true&scope=openid
[Error] TypeError: Cross-origin script load denied by Cross-Origin Resource Sharing policy.
promiseReactionJob
[Error] Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin.
[Error] Failed to load resource: Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin. (auth, line 0)
https://arc.local:8843/auth/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=https%3A%2F%2Farc.local%3A8443%2Fdcm4chee-arc%2Fui2%2Fruntime-es2015.28e6c1a0da980997a11c.js&state=d2ceb1ba-f71f-48ae-8f46-c0ce0edd203a&login=true&scope=openid
[Error] TypeError: Cross-origin script load denied by Cross-Origin Resource Sharing policy.
promiseReactionJob
[Error] Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin.
[Error] Failed to load resource: Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin. (auth, line 0)
https://arc.local:8843/auth/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=https%3A%2F%2Farc.local%3A8443%2Fdcm4chee-arc%2Fui2%2Fstyles-es2015.256f67eeb79e7f602d04.js&state=737d1eb9-a9da-44cc-b627-e9f0dcb4ffae&login=true&scope=openid
[Error] TypeError: Cross-origin script load denied by Cross-Origin Resource Sharing policy.
promiseReactionJob
[Error] Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin.
[Error] Failed to load resource: Origin https://arc.local:8443 is not allowed by Access-Control-Allow-Origin. (auth, line 0)
https://arc.local:8843/auth/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=https%3A%2F%2Farc.local%3A8443%2Fdcm4chee-arc%2Fui2%2Fmain-es2015.cfd92db0e46c992a50f4.js&state=99d01a98-7d98-493f-ba77-e41b546b8f72&login=true&scope=openid
[Error] TypeError: Cross-origin script load denied by Cross-Origin Resource Sharing policy.
promiseReactionJob
I have looked through the change in the installation instructions between 5.21 and 5.22.1, but did not see anything that looked related. I was wondering if anyone else has seen something similar and has a suggestion on how to fix the issue.
Gunter Zeilinger
May 4, 2020, 9:29:18 AM5/4/20
to dcm...@googlegroups.com
Check your Keycloack client Web Origins configuration. E.g.:
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
--You received this message because you are subscribed to the Google Groups "dcm4che" group.To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/0ad3031d-14ed-4358-9d79-3444458ee9bc%40googlegroups.com.
Martyn Klassen
May 4, 2020, 3:20:34 PM5/4/20
to dcm4che
I have web origins set to
Based on the help popup for web origins, I also tried setting it to '+' and '*', but I still get the same errors.
Gunter Zeilinger
May 5, 2020, 3:35:21 AM5/5/20
to dcm...@googlegroups.com
Verify if the response header from keycloak actually includes corresponding CORS attribute access-control-allow-origin.
--You received this message because you are subscribed to the Google Groups "dcm4che" group.To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/1cebc177-08f5-4bbb-a138-80f91892eeeb%40googlegroups.com.
Gunter Zeilinger
May 5, 2020, 8:29:13 AM5/5/20
to dcm...@googlegroups.com
Did you look at the cors preflight OPTION request?
Purge your keycloak installation and (re)start the keycloak container.
On Tuesday, May 5, 2020 2:24 PM, Martyn Klassen <lmkl...@gmail.com> wrote:
I am not seeing any access-control-* fields in the headers.
--You received this message because you are subscribed to the Google Groups "dcm4che" group.To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/9f417f5a-94e7-414f-bf8a-5a00fd87f072%40googlegroups.com.
Martyn Klassen
May 5, 2020, 9:52:32 AM5/5/20
to dcm...@googlegroups.com
I have rebuilt my entire testing stack. I am now seeing different behaviour across browsers when loading https://arc.local:8443/dcm4chee-arc/ui2/.
Safari, where the issue was originally observed, still just shows a spinning circle instead of loading the study page. I discovered the Disable Cross-origin restrictions in Safari and although this suppresses the CORS errors, the study page still does not load and I just getting a spinning circle.
Chrome does not send OPTIONS, but does load study page correctly.
Firefox loads correctly and does have an OPTIONS call when loading the study page. I had used the request URL from your screen capture and was therefore looking at the traffic when loading https://arc.local:8843/auth/realms/dcm4che/account which is why I had not seen the OPTIONS headers.
Previously, I observed the spinning circle in Chrome which went away when CORS restrictions were disabled, but that must have been the result of misconfiguring something while trying to fix the issue in Safari. The issue now appears to be isolated to Safari and not actually a CORS issue.
I really appreciate your assistance with this issue. if there is something I can do help diagnose and fix the issue in Safari, please let me know. For now I can use Chrome and Firefox for testing.
You received this message because you are subscribed to a topic in the Google Groups "dcm4che" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dcm4che/1yJpLeEd1A0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dcm4che+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/SlKU0u2RQEwxaf8hmX2epjp3iozkqJWRWZCv2htL5BNQatbEnUCZIYF_U7Nh5xMIWKfRNnelraCthHBWVDNeMp_utLbFS2DPDUvMLnBS4FE%3D%40protonmail.com.
gunterze
May 6, 2020, 4:08:35 AM5/6/20
to dcm4che
Could reproduce the issue: #2572
On Tuesday, May 5, 2020 at 3:52:32 PM UTC+2, Martyn Klassen wrote:
I have rebuilt my entire testing stack. I am now seeing different behaviour across browsers when loading https://arc.local:8443/dcm4chee-arc/ui2/.
Safari, where the issue was originally observed, still just shows a spinning circle instead of loading the study page. I discovered the Disable Cross-origin restrictions in Safari and although this suppresses the CORS errors, the study page still does not load and I just getting a spinning circle.Chrome does not send OPTIONS, but does load study page correctly.Firefox loads correctly and does have an OPTIONS call when loading the study page. I had used the request URL from your screen capture and was therefore looking at the traffic when loading https://arc.local:8843/auth/realms/dcm4che/account which is why I had not seen the OPTIONS headers.Previously, I observed the spinning circle in Chrome which went away when CORS restrictions were disabled, but that must have been the result of misconfiguring something while trying to fix the issue in Safari. The issue now appears to be isolated to Safari and not actually a CORS issue.I really appreciate your assistance with this issue. if there is something I can do help diagnose and fix the issue in Safari, please let me know. For now I can use Chrome and Firefox for testing.
On May 5, 2020, at 08:29, 'Gunter Zeilinger' via dcm4che <dcm...@googlegroups.com> wrote:
Did you look at the cors preflight OPTION request?Purge your keycloak installation and (re)start the keycloak container.Sent with ProtonMail Secure Email.‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐On Tuesday, May 5, 2020 2:24 PM, Martyn Klassen <lmkl...@gmail.com> wrote:
I am not seeing any access-control-* fields in the headers.
--You received this message because you are subscribed to the Google Groups "dcm4che" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dcm...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/9f417f5a-94e7-414f-bf8a-5a00fd87f072%40googlegroups.com.
--
You received this message because you are subscribed to a topic in the Google Groups "dcm4che" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dcm4che/1yJpLeEd1A0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dcm...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages