Just finished installation, dcm4chee-arc/ui2 says Forbidden (HTTP status 403)
834 views
Skip to first unread message
Antônio Vinícius Menezes Medeiros
Aug 15, 2017, 7:58:08 AM8/15/17
to dcm4che
Hi there! First of all, thank you for the DCM4CHE(E) guys for their excellent work! I work at a hospital and we use a commercial modified version of DCM4CHEE 2.x. We are trying to rise a DCM4CHEE 5.x installation by ourselves, but we got stuck at installation. Maybe someone on this list can help us...
We followed installation instructions at https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation to install the non secured version of the web UI with PostgreSQL.
The only difference was that we downloaded and built the source instead of getting the binaries. To build, we followed instructions at https://github.com/dcm4che/dcm4chee-arc-light
Then, we found dcm4chee-arc-5.10.4-psql.zip inside dcm4chee-arc-light/dcm4chee-arc-assembly/target, unzipped it and used the unzipped folder as $DCM4CHEE_ARC.
Our server setup is as follows:
- openSUSE Leap 42.3
- Oracle JDK 8 update 144
- Wildfly 10.1.0
- PostgrelSQL 9.6 (distribution package)
- OpenLDAP 2.4.44 (distribution package)
- ApacheDirectoryStudio 2.0.0.v20161101-M12
- Apache Maven 3.5.0
- DCM4CHEE Archive 5.10.4
When we reached the last step, "Verify that the Web UI is accessable at http://localhost:8080/dcm4chee-arc/ui2", the browser showed just "Forbidden", as in the attached images.
WildFly stdout showed, some seconds later:
15:45:05,715 INFO [org.dcm4che3.net.audit.AuditLogger] (EE-ManagedScheduledExecutorService-default-Thread-2) Send audit message to localhost/127.0.0.1:514
15:45:05,721 INFO [org.dcm4che3.net.audit.AuditLogger] (EE-ManagedScheduledExecutorService-default-Thread-2) Send audit message to localhost/127.0.0.1:514
The 514 port corresponds to syslog. At that same time, system log showed:
Aug 14 15:45:05 localhost 1 2017-08-14T15:45:05.647-03:00 antonio.heufpel.com.br dcm4chee-arc 19725 IHE+RFC-3881 - <?xml version="1.0" encoding="UTF-8" standalone="yes"?><AuditMessage xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.dcm4che.org/DICOM/audit-message.rnc"><EventIdentification EventActionCode="E" EventDateTime="2017-08-14T15:44:05-03:00" EventOutcomeIndicator="0"><EventID csd-code="110100" codeSystemName="DCM" originalText="Application Activity"/><EventTypeCode csd-code="110120" codeSystemName="DCM" originalText="Application Start"/></EventIdentification><ActiveParticipant UserID="DCM4CHEE;DCM4CHEE_ADMIN;DCM4CHEE_TRASH" AlternativeUserID="19725" UserIsRequestor="false" NetworkAccessPointID="localhost" NetworkAccessPointTypeCode="1"><RoleIDCode csd-code="110150" codeSystemName="DCM" originalText="Application"/></ActiveParticipant><AuditSourceIdentification AuditSourceID="dcm4chee-arc"><AuditSourceTypeCode csd-code="4"/></AuditSourceIdentification></AuditMessage>
Aug 14 15:45:05 localhost 1 2017-08-14T15:45:05.720-03:00 antonio.heufpel.com.br dcm4chee-arc 19725 IHE+RFC-3881 - <?xml version="1.0" encoding="UTF-8" standalone="yes"?><AuditMessage xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.dcm4che.org/DICOM/audit-message.rnc"><EventIdentification EventActionCode="E" EventDateTime="2017-08-14T15:43:45-03:00" EventOutcomeIndicator="0"><EventID csd-code="110100" codeSystemName="DCM" originalText="Application Activity"/><EventTypeCode csd-code="110121" codeSystemName="DCM" originalText="Application Stop"/></EventIdentification><ActiveParticipant UserID="DCM4CHEE;DCM4CHEE_ADMIN;DCM4CHEE_TRASH" AlternativeUserID="19725" UserIsRequestor="false" NetworkAccessPointID="localhost" NetworkAccessPointTypeCode="1"><RoleIDCode csd-code="110150" codeSystemName="DCM" originalText="Application"/></ActiveParticipant><AuditSourceIdentification AuditSourceID="dcm4chee-arc"><AuditSourceTypeCode csd-code="4"/></AuditSourceIdentification></AuditMessage>
I tested all of those components individually (JDK, WildFly, PostgreSQL, etc) and everything seems to be fine. What could be wrong? Where can I get more information/logging?
Thank you in advance!
Gustavo Fernandez Guirland
Aug 15, 2017, 11:46:23 AM8/15/17
to dcm4che
Antonio:
Error 403 is permission denied,
To create the user on the Wildfly? Can you access the Wildfly console by localhost:9990/console?
Best regards
Error 403 is permission denied,
To create the user on the Wildfly? Can you access the Wildfly console by localhost:9990/console?
Best regards
Antônio Vinícius Menezes Medeiros
Aug 15, 2017, 1:53:56 PM8/15/17
to dcm4che
Do you mean add a new user to access the WildFly administration console using the add-user.sh script as documented here? https://docs.jboss.org/author/display/WFLY10/Getting+Started+Guide
Yes, I did! I'm able to access the WildFly administration console at http://localhost:9990
Gustavo Fernandez Guirland
Aug 15, 2017, 5:01:56 PM8/15/17
to dcm4che
Antonio
If you followed the steps of https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation are you accessing the PACS from the same OpenSUSE computer or from another? Does your connection go through a PROXY that might be blocking connections to port 8080? You have Firewall enabled or SELINUX active, there are rules to load when you use SELINUX to run the LDAP slapd daemon without problems
Best regards
If you followed the steps of https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation are you accessing the PACS from the same OpenSUSE computer or from another? Does your connection go through a PROXY that might be blocking connections to port 8080? You have Firewall enabled or SELINUX active, there are rules to load when you use SELINUX to run the LDAP slapd daemon without problems
Best regards
Antônio Vinícius Menezes Medeiros
Aug 16, 2017, 10:35:26 AM8/16/17
to dcm4che
Em terça-feira, 15 de agosto de 2017 18:01:56 UTC-3, Gustavo Fernandez Guirland escreveu:
Antonio
If you followed the steps of https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation are you accessing the PACS from the same OpenSUSE computer or from another?
Client and server are the same computer: I installed WildFly, PostgreSQL, DCM4CHEE, etc on my openSUSE desktop. Everything I access using localhost. It is just for testing/development, we want to rise an actual server, a XenServer virtual machine, if everything goes fine.
Does your connection go through a PROXY that might be blocking connections to port 8080?
No, I don't use a proxy.
You have Firewall enabled
I haven't setup firewall on my desktop:
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
or SELINUX active, there are rules to load when you use SELINUX to run the LDAP slapd daemon without problems
Good question! I've never touched SELinux, I don't even know what it does, I only know it is something about security. I'm going to check it.
But I don't think there is something impeding my access to the LDAP service, as I'm able to connect to it using Apache Directory Studio.
I configured a different Directory Base DN than dc=dcm4che,dc=org, but I replaced all occurrences of dc=dcm4che,dc=org during LDAP setup, as instructed at Import default configuration into LDAP Server. My Directory Base DN is dc=pacs,dc=heufpel,dc=com,dc=br. It is not a problem, is it?
Do you have any other idea?
Is there any log where I could get an output more verbose than just "Forbidden"? Either from WildFly or DCM4CHEE?
gunterze
Aug 16, 2017, 10:54:26 AM8/16/17
to dcm4che
Guess you built a secured version! Does the error also occurs with dcm4chee-arc-5.10.4-psql/deploy/dcm4chee-arc-5.10.4-psql.zip from the binary distribution package?
Antônio Vinícius Menezes Medeiros
Aug 17, 2017, 1:26:34 PM8/17/17
to dcm4che
Em quarta-feira, 16 de agosto de 2017 11:35:26 UTC-3, Antônio Vinícius Menezes Medeiros escreveu:
Em terça-feira, 15 de agosto de 2017 18:01:56 UTC-3, Gustavo Fernandez Guirland escreveu:You have Firewall enabledI haven't setup firewall on my desktop:# iptables -LChain INPUT (policy ACCEPT)target prot opt source destinationChain FORWARD (policy ACCEPT)target prot opt source destinationChain OUTPUT (policy ACCEPT)target prot opt source destinationor SELINUX active, there are rules to load when you use SELINUX to run the LDAP slapd daemon without problemsGood question! I've never touched SELinux, I don't even know what it does, I only know it is something about security. I'm going to check it.
I googled about SELinux and how to find whether it is installed/enabled, and the following commands returned command not found:
# getenforce
If 'getenforce' is not a typo you can use command-not-found to lookup the package that contains it, like this:
cnf getenforce
# sestatus
If 'sestatus' is not a typo you can use command-not-found to lookup the package that contains it, like this:
cnf sestatus
# selinux-ready
If 'selinux-ready' is not a typo you can use command-not-found to lookup the package that contains it, like this:
cnf selinux-ready
So, I conclude I don't have SELinux installed.
Antônio Vinícius Menezes Medeiros
Aug 17, 2017, 2:24:08 PM8/17/17
to dcm4che
Em quarta-feira, 16 de agosto de 2017 11:54:26 UTC-3, gunterze escreveu:
Guess you built a secured version! Does the error also occurs with dcm4chee-arc-5.10.4-psql/deploy/dcm4chee-arc-5.10.4-psql.zip from the binary distribution package?
No! I downloaded the binary distribution from here:
I deleted my WildFly installation and installed WildFly again, repeating all the steps involving WildFly. I ended up with what seems a working PACS:
http://localhost:8080/dcm4chee-arc/ui2 shows me what I attached. I believe it is the expected result. You hit the nail on the head!
As we want to customize DCM4CHEE (translate it to Brazilian Portuguese, for example), we need to build and deploy from source. What may I have done wrong?
To compile DCM4CHEE, I used:
$ git clone https://github.com/dcm4che/dcm4che.git
$ cd dcm4che
$ git checkout 5.10.4-dcm4chee-arc-light
$ mvn install
$ cd ..
$ cd dcm4chee-arc-light
$ git checkout 5.10.4
$ mvn install -D db=psql
Now I remember that Maven have complained about a folder that didn't exist, I had created it manually:
$ mkdir -p dcm4chee-arc-ui2/target/webapp
Maybe that helps us finding what went wrong.
Thank you in advance!
Antônio Vinícius Menezes Medeiros
Aug 29, 2017, 9:07:35 AM8/29/17
to dcm4che
Now using 5.10.5 it worked for me!
Here is how to build dcm4chee and install from source, instead of install from the downloaded binary:
$ git clone https://github.com/dcm4che/dcm4che.git
$ cd dcm4che
$ git checkout 5.10.5
$ mvn install
$ cd ..
$ cd dcm4chee-arc-light
$ git checkout 5.10.5
$ mvn install -D db=psql
$ cd dcm4chee-arc-assembly/target
$ unzip dcm4chee-arc-5.10.5-psql.zip
$ DCM4CHEE_ARC="$(pwd)/dcm4chee-arc-5.10.5-psql"
Then, with the DCM4CHEE_ARC environment variable set, one can follow instructions at https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation to install.
But I miss the facility of using the WildFly Maven Plugin to deploy to the application server. For instance:
Deploying that example application to WildFly is just a matter of:
$ mvn clean install wildfly:deploy
I'm going to investigate how that could be achieved for dcm4chee and open an issue / pull request.
Thank you for your help!
Reply all
Reply to author
Forward
0 new messages