Without authentication, DCM4CHEE works fine - I am able to store and retrieve studies as expected.
With authentication I am able to login, but after that I get a "Forbidden": if I call http://myip:8080/dcm4chee-arc/ui2/, it redirects me to the login page, where I am successfully authenticated. I increased the root log level to "ALL", which looks fine - except that I do not see why I get the "Forbidden" message:
2017-06-02 13:18:18,198 DEBUG [io.undertow.request.security] (default task-24) Authentication result was AUTHENTICATED for HttpServerExchange{ GET /dcm4chee-arc/ui2/ request {Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8], Accept-Language=[en-US,en;q=0.8], Cache-Control=[max-age=0], Accept-Encoding=[gzip, deflate, sdch], User-Agent=[Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36], Connection=[keep-alive], Cookie=[JSESSIONID=tjXPup...pacs], Referer=[http://myip:8080/auth/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=http%3A%2F%2Fmyip%3A8080%2Fdcm4chee-arc%2Fui2%2F&state=59ae2...378&login=true&scope=openid], Upgrade-Insecure-Requests=[1], Host=[myip:8080]} response {Expires=[0], Cache-Control=[no-cache, no-store, must-revalidate], X-Powered-By=[Undertow/1], Server=[WildFly/10], Pragma=[no-cache]}}
2017-06-02 13:18:18,199 DEBUG [org.keycloak.adapters.KeycloakDeployment] (default task-24) resolveUrls
2017-06-02 13:18:18,199 DEBUG [org.keycloak.adapters.AuthenticatedActionsHandler] (default task-24) AuthenticatedActionsValve.invoke http://myip:8080/dcm4chee-arc/ui2/
2017-06-02 13:18:18,199 DEBUG [org.keycloak.adapters.AuthenticatedActionsHandler] (default task-24) Policy enforcement is disabled.
2017-06-02 13:18:18,199 TRACE [io.undertow.server.HttpServerExchange] (default task-24) Starting to write response for HttpServerExchange{ GET /dcm4chee-arc/ui2/ request {Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8], Accept-Language=[en-US,en;q=0.8], Cache-Control=[max-age=0], Accept-Encoding=[gzip, deflate, sdch], User-Agent=[Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36], Connection=[keep-alive], Cookie=[JSESSIONID=tjXPu...pacs], Referer=[http://myip:8080/auth/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=http%3A%2F%2Fmyip%3A8080%2Fdcm4chee-arc%2Fui2%2F&state=59ae2c...a2a378&login=true&scope=openid], Upgrade-Insecure-Requests=[1], Host=[myip:8080]} response {Expires=[0], Cache-Control=[no-cache, no-store, must-revalidate], X-Powered-By=[Undertow/1], Server=[WildFly/10], Pragma=[no-cache], Date=[Fri, 02 Jun 2017 11:18:18 GMT], Connection=[keep-alive], Content-Type=[text/html;charset=UTF-8], Content-Length=[68]}}
My browser gets redirected to redirected to http://myip:8080/dcm4chee-arc/ui2/, which leads to the "Forbidden" message.
How do I resolve the "Forbidden" problem?