weasis http basic auth

[Rajul Shah]

Hi,

I am using apache basic auth to restrict access to our chee, wado and pacs-connector which are sitting behind the firewall and on the same server and are proxied via apache (thanks to earlier email thread for pointers ). We are using weasis (2.05)  to view the images.

1. We have the proxy and basic auth working when the user access the url: http://server.com/weasis-pacs-connector/viewer?patientID=ABC-123

2. The jnlp is downloaded after successful basic auth.

3. Once the jnlp is opened (java webstart) it pops up the basic auth window in java asking for credentials

4. Once the basic auth is successful weasis displays all images successfully.

Question:

How do we pass parameter to weasis such that we can embed the basic auth in the URL i.e

http://user:pass...@server.com such the subsequently generated jnlp will not ask for the same information when weasis is loading images

I have looked at jnlp modification options https://github.com/nroduit/weasis-pacs-connector but not gotten very far. Any pointers appreciated

[Nicolas Roduit]

The authentication in an URL is the old way to do and most of system doesn't support it anymore. It should be passed through the http header. This job must be done by your proxy system.

In weasis-pacs-connector configuration, you can add values in the http headers with the parameters "wado.httpTags=" but it is less recommended than the proxy management because the values will transit to the client.

And if you have a proxy for handling authentication and redirection, do not forget to set the proxy hostname in the parameter "hosts.allow=".

Le dimanche 29 novembre 2015 01:55:10 UTC+1, Rajul Shah a écrit :

Hi,

I am using apache basic auth to restrict access to our chee, wado and pacs-connector which are sitting behind the firewall and on the same server and are proxied via apache (thanks to earlier email thread for pointers ). We are using weasis (2.05)  to view the images.

1. We have the proxy and basic auth working when the user access the url: http://server.com/weasis-pacs-connector/viewer?patientID=ABC-123

2. The jnlp is downloaded after successful basic auth.

3. Once the jnlp is opened (java webstart) it pops up the basic auth window in java asking for credentials

4. Once the basic auth is successful weasis displays all images successfully.

Question:

How do we pass parameter to weasis such that we can embed the basic auth in the URL i.e

http://user:password@server.com such the subsequently generated jnlp will not ask for the same information when weasis is loading images

[Adrian Schiopu]

Hello,

Please be more specific with including credentials in http header

I use  the orthanc server, and require autentification. 

I use Weasis 3.5.3 installed from Microsoft store

When the server does not require credentials,  weasis  work fine, no problems, but when I modify it to require user and pass, the weasis  doesn't download the images, only show the patients, and studies.

Thanks in advance

[Adrian Schiopu]

Updated:

I found https://www.blitter.se/utils/basic-authentication-header-generator/ 

and I genearated a Basic authorization and I entered in HTTP headers ...

Doesn't work...

[Adrian Schiopu]

Updated:

IT WORK !!!

The code is generated with  https://www.blitter.se/utils/basic-authentication-header-generator/ 

and the correct syntax is presented in attached file

[Nicolas Roduit]

FYI, it is possible to have a more straightforward integration without weasis-pacs-connector. see:

• https://groups.google.com/d/msg/orthanc-users/6yldEAr8SDo/oTDxMnHQAwAJ
• https://nroduit.github.io/en/basics/customize/integration/#orthanc-web-server

The command dicom:rs allows passing headers with the option "-H"