Secured Archive over HTTP
29 views
Skip to first unread message
Alex Kaisar
Jun 7, 2025, 3:01:53 PMJun 7
to dcm4che
Hello team and thank you for this wonderful software, has been more robust than any other I've tried and i wish to learn it as best as I can.
I am in need of your lights though when it comes down to keycloak for now. I've set up the archive using the docker-compose file from
https://github.com/dcm4che/dcm4chee-arc-light/wiki/Run-secured-archive-services-on-a-single-host
I've set up keycloak to work through http and i've opened up certain port forwards towards my host so i can access ports 8080(archive) and 8943(KC HTTP port).
I've set SSL Required on realm settings to none but i get the following issue.
Whenever i access the archive locally the redirect to keycloak so i can login takes me to an http URL. Whenever i try to access it through my external system it gives me a redirect towards an HTTPS port.
Giving you the URLs for reference and a screenshot of my realm settings.
EXTERNAL REQ:
http://<hostname>:8943/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=https%3A%2F%2F<hostname>%3A0%2Fdcm4chee-arc%2Fui2&state=cafa0b9b-feaa-4799-869e-3dfb5dbebd92&scope=openid
LOCAL REQ:
http://<hostname>:8943/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=http%3A%2F%2F<hostname>%3A8080%2Fdcm4chee-arc%2Fui2&state=66c10a0c-d18c-482b-aa7b-c7057dc18a63&scope=openid
And my realm settings:
I've taken any https URL out of there in case that was the problem but unfortunately it was not. Locally this config still works fine
Also if i try using the local Request externally, I can log in but im getting 403 forbidden right after so I am suspecting i've done something wrong with the keycloak settings, would appreciate any and all help.
Kind regards
I am in need of your lights though when it comes down to keycloak for now. I've set up the archive using the docker-compose file from
https://github.com/dcm4che/dcm4chee-arc-light/wiki/Run-secured-archive-services-on-a-single-host
I've set up keycloak to work through http and i've opened up certain port forwards towards my host so i can access ports 8080(archive) and 8943(KC HTTP port).
I've set SSL Required on realm settings to none but i get the following issue.
Whenever i access the archive locally the redirect to keycloak so i can login takes me to an http URL. Whenever i try to access it through my external system it gives me a redirect towards an HTTPS port.
Giving you the URLs for reference and a screenshot of my realm settings.
EXTERNAL REQ:
http://<hostname>:8943/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=https%3A%2F%2F<hostname>%3A0%2Fdcm4chee-arc%2Fui2&state=cafa0b9b-feaa-4799-869e-3dfb5dbebd92&scope=openid
LOCAL REQ:
http://<hostname>:8943/realms/dcm4che/protocol/openid-connect/auth?response_type=code&client_id=dcm4chee-arc-ui&redirect_uri=http%3A%2F%2F<hostname>%3A8080%2Fdcm4chee-arc%2Fui2&state=66c10a0c-d18c-482b-aa7b-c7057dc18a63&scope=openid
And my realm settings:
I've taken any https URL out of there in case that was the problem but unfortunately it was not. Locally this config still works fine
Also if i try using the local Request externally, I can log in but im getting 403 forbidden right after so I am suspecting i've done something wrong with the keycloak settings, would appreciate any and all help.
Kind regards
Reply all
Reply to author
Forward
0 new messages