Migrate from dcm4chee-arc-light 5 unsecured to secure-ui

[Mike Kephart]

Hello,

I've installed the "plain" unsecured dcm4chee-arc-5.18.0-psql and realize that I probably wanted dcm4chee-arc-5.18.0-psql-secure-ui version, so I can manage username/password authenticated web access and the more granular operational controls.

What is the right (and hopefully simplest) way to migrate the Secure UI version?

-MikeK

[gunterze]

Shutdown all containers:

$ docker-compose -p dcm4chee-arc down

Update your docker-compose.yml:

$ git diff 5.18.0 5.18.0-secure-ui -- docker-compose.yml
diff --git a/docker-compose.yml b/docker-compose.yml
index 91735e5..50caeb2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,6 +11,26 @@ services:
       - /etc/timezone:/etc/timezone:ro
       - /var/local/dcm4chee-arc/ldap:/var/lib/ldap
       - /var/local/dcm4chee-arc/slapd.d:/etc/ldap/slapd.d
+  keycloak:
+    image: dcm4che/keycloak:6.0.1-17.1
+    ports:
+      - "8880:8880"
+      - "8843:8843"
+      - "8990:8990"
+      - "8993:8993"
+    env_file: docker-compose.env
+    environment:
+      HTTP_PORT: 8880
+      HTTPS_PORT: 8843
+      MANAGEMENT_HTTP_PORT: 8990
+      MANAGEMENT_HTTPS_PORT: 8993
+      KEYCLOAK_WAIT_FOR: ldap:389
+    depends_on:
+      - ldap
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - /var/local/dcm4chee-arc/keycloak:/opt/keycloak/standalone
   db:
     image: dcm4che/postgres-dcm4chee:11.2-18
     ports:
@@ -21,7 +41,7 @@ services:
       - /etc/timezone:/etc/timezone:ro
       - /var/local/dcm4chee-arc/db:/var/lib/postgresql/data
   arc:
-    image: dcm4che/dcm4chee-arc-psql:5.18.0
+    image: dcm4che/dcm4chee-arc-psql:5.18.0-secure-ui
     ports:
       - "8080:8080"
       - "8443:8443"
@@ -32,13 +52,12 @@ services:
       - "2575:2575"
     env_file: docker-compose.env
     environment:
-      WILDFLY_ADMIN_USER: admin
-      WILDFLY_ADMIN_PASSWORD: admin
       WILDFLY_CHOWN: /opt/wildfly/standalone /storage
       WILDFLY_WAIT_FOR: ldap:389 db:5432
       JAVA_OPTS: -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -agentlib:jdwp=transport=dt_socket,address=*:8787,server=y,suspend=n
     depends_on:
       - ldap
+      - keycloak
       - db
     volumes:
       - /etc/localtime:/etc/localtime:ro

Delete previous Wildfly configuration and deployment directory:

$ sudo rm -r /var/local/dcm4chee-arc/wildfly/configuration/

$ sudo rm -r /var/local/dcm4chee-arc/wildfly/deployments/

Continue with 3. Create and start the 4 containers by invoking

$ docker-compose -p dcm4chee up -d

as descriped at the Wiki Page: Run secured archive services on a single host

[Mike Kephart]

Gunter,

Thanks for the reply, but I'm not using docker - I installed manually onto an Ubuntu Linux using the https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation instructions.

I diff'ed the two unzipped distributions and it appears only the deploy/dcm4chee-arc-ear-5.18.0-psql.ear files differ.

Can "undeploy" the "unsecure" .ear and deploy the ui-secure version of the .ear?

-MikeK

[Gunter Zeilinger]

Then you have to manually install the Keycloak adapter in Wildfly, configure the adapter for the secured war, and install Standalone Keycloak server or Keycloak Overlay. s. https://github.com/dcm4che/dcm4chee-arc-light/wiki/Secure-Archive-UI-and-RESTful-Services-using-Keycloak

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

--

You received this message because you are subscribed to the Google Groups "dcm4che" group.

To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/ae687bb0-c541-4382-9656-c21f40d6c351%40googlegroups.com.