How to upgrade DCM4CHEE 5.9.0-secure to 5.10.2-secure

441 views
Skip to first unread message

Del Turley

unread,
May 31, 2017, 5:48:51 PM5/31/17
to dcm4che
Hello Everyone,

Is there a specific guide for upgrading the secure version of DCM4CHEE ? I am attempting to upgrade from 5.9.0-secure to 5.10.2-secure. I used the guide 
to do the upgrade https://github.com/dcm4che/dcm4chee-arc-light/wiki/Upgrade. The setup I'm working with requires me to update PostgreSQL, ApacheDS 2.0.0 and WildFly deployment. Would I need to re-install the secured version of the archive such as in the guide here ? : https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation-and-Configuration

Thank you,

Del

vrinda...@j4care.com

unread,
Jun 1, 2017, 6:53:26 AM6/1/17
to dcm4che
Hi,

I'll be soon adding a page for upgrading secured version of DCM4CHEE. For now, you may follow the normal upgrade page https://github.com/dcm4che/dcm4chee-arc-light/wiki/Upgrade for upgrading Database/LDAP and also Wildfly.
Before you can start accessing the secured archive, change the version numbers in the names of secure-deployments in the keycloak subsystem in the wildfly configuration file

         <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
            <secure-deployment name="dcm4chee-arc-ui2-5.x.old-secure.war">
                <realm>dcm4che</realm>
                <resource>dcm4chee-arc-ui</resource>
                <realm-public-key>realm-key</realm-public-key>
                <auth-server-url>/auth</auth-server-url>
                <credential name="secret">secret1</credential>
            </secure-deployment>
            <secure-deployment name="dcm4chee-arc-war-5.x.old-secure.war">
                <realm>dcm4che</realm>
                <resource>dcm4chee-arc-rs</resource>
                <realm-public-key>realm-key</realm-public-key>
                <auth-server-url>/auth</auth-server-url>
                <credential name="secret">secret2</credential>
            </secure-deployment>
            <secure-deployment name="dcm4chee-arr-proxy-5.x.old-secure.war">
                <realm>dcm4che</realm>
                <resource>dcm4chee-arr-proxy</resource>
                <realm-public-key>realm-key</realm-public-key>
                <auth-server-url>http://localhost:8080/auth</auth-server-url>
                <credential name="secret">secret3</credential>
            </secure-deployment>
        </subsystem>

Change the version numbers for the wars that you have in this file. Also note that with version 5.10.2, the old UI is no longer available.
So if you are having  dcm4chee-arc-ui-5.x.old-secure.war and you want to upgrade to 5.10.2 then you have to change it to dcm4chee-arc-ui2-5.10.2-secure.war
else just changing the version numbers for the war file names is fine for upgrading to versions before 5.10.2

Restart wildfly and access secured archive UI.

Del Turley

unread,
Jun 1, 2017, 9:13:57 AM6/1/17
to dcm4che
Hi Vrinda,

Thank you very much for the information.

Del

in...@linuxfabrik.ch

unread,
Jun 2, 2017, 6:30:30 AM6/2/17
to dcm4che
But for example in dcm4chee-arc-ear-5.10.2-mysql-secure-ui.ear there are only
  • dcm4chee-arc-ui2-5.10.2-secure.war
  • dcm4chee-arc-war-5.10.2-unsecure.war
available. How does this fit into the above mentioned config?


And I think you also have to update the Keycloak settings in WildFly? But again: why do we have to use a dcm4chee-arc-war-5.10.2-secure.war (and there is no such file in reality)?
  • /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.10.2-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-ui,realm-public-key="...",auth-server-url=/auth)
  • /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.10.2-secure.war/credential=secret:add(value="...")
  • /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.10.2-??secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-rs,realm-public-key="...",auth-server-url=/auth)
  • /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.10.2-??secure.war/credential=secret:add(value="...")


vrinda...@j4care.com

unread,
Jun 2, 2017, 8:16:56 AM6/2/17
to dcm4che
Hi,

Your ear file name dcm4chee-arc-ear-5.10.2-mysql-secure-ui.ear itself indicates that only UI is secured so you don't need to do

  • /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.10.2-??secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-rs,realm-public-key="...",auth-server-url=/auth)
  • /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.10.2-??secure.war/credential=secret:add(value="...")
FYI :
If you used secure-ui flag while building the project only UI is secured     :    mvn install -Ddb=mysql -P secure-ui
If you use secure flag while building the project then the war (RESTful services) is secured as well.           :    mvn install -Ddb=mysql -P secure

The above mentioned config depends on your application. If you see point no 13 in https://github.com/dcm4che/dcm4chee-arc-light/wiki/Installation-and-Configuration#installation-and-configuration it's mentioned that one may secure RESTful services as well if required by one's application

Gunter Zeilinger

unread,
Jun 2, 2017, 8:19:25 AM6/2/17
to dcm...@googlegroups.com
The CLI parameters for the secure build changed to:
mvn install -Ddb=mysql -D secure=ui
mvn install -Ddb=mysql -D secure=all

--
You received this message because you are subscribed to the Google Groups "dcm4che" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+unsubscribe@googlegroups.com.
To post to this group, send email to dcm...@googlegroups.com.
Visit this group at https://groups.google.com/group/dcm4che.
For more options, visit https://groups.google.com/d/optout.

in...@linuxfabrik.ch

unread,
Jun 2, 2017, 8:43:14 AM6/2/17
to dcm4che
Great, got it. Thank you.
Reply all
Reply to author
Forward
0 new messages