OHIF with dcm4chee-arc-psql:5.25.0-secure (docker compose)

1,524 views
Skip to first unread message

toufic...@gmail.com

unread,
May 2, 2022, 2:54:49 PM5/2/22
to dcm4che
Dears,

dcm4chee-arc-psql:5.26.0-secure
dcm4che/keycloak:16.1.1
ohif/viewer:latest

Anybody was able to connect OHIF (by configuring the app-config.js) to connect to dcm4chee secure restful services?
All web content didn't work for me.


Thanks for your feedback...

fleetwoodfc

unread,
May 2, 2022, 4:15:13 PM5/2/22
to dcm4che
Example app-config.js snippet.
Note: qidoSupportsIncludeField: false  and the oidc section to talk to keycloak.
In the keycloak dcm4che realm register the 'ohif-viewer' as an OIDC client.
.....
servers: {
  dicomWeb: [
    {
      name: 'DCM4CHEE',
      wadoUriRoot: 'https://<dcm4chee-host-ip>:8443/dcm4chee-arc/aets/DCM4CHEE/wado',
      qidoRoot: 'https://<dcm4chee-host-ip>:8443/dcm4chee-arc/aets/DCM4CHEE/rs',
      wadoRoot: 'https://<dcm4chee-host-ip>:8443/dcm4chee-arc/aets/DCM4CHEE/rs',
      qidoSupportsIncludeField: false,
      imageRendering: 'wadors',
      thumbnailRendering: 'wadors',
      enableStudyLazyLoad: true,
      supportsFuzzyMatching: true,
    },
  ],
},

// This is an array, but we'll only use the first entry for now
oidc: [
  {
    // ~ REQUIRED
    // Authorization Server URL
    authority: 'https://<keycloak-host-ip>:8843/auth/realms/dcm4che',
    client_id: 'ohif-viewer',
    redirect_uri: 'https://<ohif-viewer-ip>:3000/callback', // `OHIFStandaloneViewer.js`
    // "Authorization Code Flow"
    // Resource: https://medium.com/@darutk/diagrams-of-all-the-openid-connect-flows-6968e3990660
    response_type: 'code',
    scope: 'openid', // email profile openid
    // ~ OPTIONAL
    post_logout_redirect_uri: '/logout-redirect.html',
  },
],.......

Toufic N. MOKBEL

unread,
May 3, 2022, 5:43:40 AM5/3/22
to dcm...@googlegroups.com
Dear,

Thanks a lot !!
Now the OHIF is requesting login to access it and it is working fine!!

Is there a possibility for OHIF to just call the secure Restful, without requesting also keycloak login on the UI?
My intention is to have a call to :
http://url:3000/viewer/1.2.840.113619.2.144.3994023897.23669.1083686761.166 to open the study directly without adding user/pass, I just need OHIF to connect to WADO from the backend.


--
You received this message because you are subscribed to a topic in the Google Groups "dcm4che" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dcm4che/vuWPQDSimnc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dcm4che+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/adf490c1-bed0-49eb-8d54-3aee0b64d320n%40googlegroups.com.

toufic...@gmail.com

unread,
Jul 3, 2022, 2:38:33 PM7/3/22
to dcm4che
Any update on this issue?

Floyd Yoshimoto

unread,
Aug 1, 2022, 4:26:41 PM8/1/22
to dcm4che
Toufic,
Did you have to update the Keycloak client information to get OHIF to work?  I am struggling to get OHIF in to launch to the secure DCM4CHEE instance.
Can I ask what your URL is to call the OHIF instance?  Is it https://<ohif-viewer-ip>:3000 ?

fleetwoodfc

unread,
Aug 5, 2022, 1:52:19 PM8/5/22
to dcm4che
Sign in with User/Password (default is root/changeit) at the Realm Admin Console of Keycloak at https://<docker-host>:8843/dcm4che/console then create a client entry with ID 'ohif-viewer '.  e.g.  Screen Shot 2022-08-05 at 1.43.52 PM.png

Floyd Yoshimoto

unread,
Aug 5, 2022, 2:19:45 PM8/5/22
to dcm...@googlegroups.com
Thank you for responding!

I saw your post for the update to the app-config.js file here:
I didnt understand the redirect uri line: redirect_uri: 'https://<ohif-viewer-ip>:3000/callback', // `OHIFStandaloneViewer.js`

https://<ohif-viewer>:3000/callback

Should it not be http://<ohif-viewer:3000> ???
what is the "callback" link used for?

When I make the change below, I get the following error:
image.png
image.png

Am I missing something?

Here is my keycloak entry:
image.png

image.png

fleetwoodfc

May 2, 2022, 10:15:13 AM
to dcm4che

PRIVILEGED AND CONFIDENTIAL: This document and the information contained herein are confidential and protected from disclosure pursuant to Federal law. This message is intended only for the use of the Addressee(s) and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that the use, dissemination, or copying of this information is strictly prohibited. If you received this communication in error, please erase all copies of  the message and its attachments and notify the sender immediately.

fleetwoodfc

unread,
Aug 5, 2022, 5:50:01 PM8/5/22
to dcm4che
Might be related to your Web Origin setting  - Configure Web Origin in Keycloak

Floyd Yoshimoto

unread,
Aug 5, 2022, 8:28:13 PM8/5/22
to dcm4che
2022-08-05 14_26_29-Keycloak Admin Console.png
I have it set with a "*" but still receiving the error.

Marcelo Díaz O.

unread,
Oct 9, 2022, 12:16:51 PM10/9/22
to dcm4che
any update?

keycloack config? and config_app.js for OHIF example?

same issue CORS  OHIF with dcm4chee-arc-psql:5.28.0-secure

on WEASIS 4.0.2 can access to the resfull service with dcm4chee-secure  with this url:

weasis://$dicom:rs --url "{{http://<docker-host>:8080}}{{qidoBasePath}}" -r "studyUID={{studyUID}}" --query-ext "&includedefaults=false" -H "Authorization: Bearer {{access_token}}"

related :
Thanks!
Reply all
Reply to author
Forward
0 new messages