Upgrade Secured
Vrinda edited this page Mar 27, 2023
·
1 revision
Upgrade Database and LDAP. In addition to upgrading Wildfly below upgrade also needs to be done for secured archive.
Content
NOTE : If upgrading from any older versions to 5.16.1 (or newer versions), complete new setup of Wildfly is required. QueryDSL JBoss module is no longer supported.
-
In v5.19.1, following configurations for Invoke Image Display URLs have changed. Invoke Image Display URLs : The LDAP attribute which referenced the Invoke Image Display Patient URL (
dcmInvokeImageDisplayPatientURL) and Invoke Image Display Study URL (dcmInvokeImageDisplayStudyURL) used either on Archive Device or Archive Network AE level have been now removed and no longer supported. This has been now moved on Web Application level, where it can be set using Property (dcmProperty) in the format<name>=<value>.Replace any existing configuration
Name (LDAP Attribute) Configured on Level Value (example) Invoke Image Display Patient URL (dcmInvokeImageDisplayPatientURL) Archive Device or Archive Network AE http(s)://:/IHEInvokeImageDisplay?requestType=PATIENT&patientID={}&access_token={} Invoke Image Display Study URL (dcmInvokeImageDisplayStudyURL) Archive Device or Archive Network AE http(s)://:/IHEInvokeImageDisplay?requestType=STUDY&studyUID={}&access_token={} By Either (For only UI secured)
Name (LDAP Attribute) Configure on Level Value (example) Property (dcmProperty) Web Application IID_PATIENT_URL=weasis://$dicom:rs --url "{{qidoBaseURL}}{{qidoBasePath}}" -r "patientID={{patientID}}" --query-ext "&includedefaults=false" Property (dcmProperty) Web Application IID_STUDY_URL=weasis://$dicom:rs --url "{{qidoBaseURL}}{{qidoBasePath}}" -r "studyUID={{studyUID}}" --query-ext "&includedefaults=false" Property (dcmProperty) Web Application IID_URL_TARGET=_self Or (For both UI & RESTful secured)
Name (LDAP Attribute) Configure on Level Value (example) Property (dcmProperty) Web Application IID_PATIENT_URL=weasis://$dicom:rs --url "{{qidoBaseURL}}{{qidoBasePath}}" -r "patientID={{patientID}}" --query-ext "&includedefaults=false" -H "Authorization: Bearer {{access_token}} Property (dcmProperty) Web Application IID_STUDY_URL=weasis://$dicom:rs --url "{{qidoBaseURL}}{{qidoBasePath}}" -r "studyUID={{studyUID}}" --query-ext "&includedefaults=false" -H "Authorization: Bearer {{access_token}}" Property (dcmProperty) Web Application IID_URL_TARGET=_self
- Start WildFly in standalone mode with the correct configuration file:
> $WILDFLY_HOME/bin/standalone.sh -c dcm4chee-arc.xml [UNIX] > %WILDFLY_HOME%\bin\standalone.bat -c dcm4chee-arc.xml [Windows] - Depending on whether you have Secured UI and Unsecured RESTful services or you have Secured UI and Secured RESTful services, follow either one of them to upgrade your installation.
- Restart archive and access new secured archive.
- Undeploy old secure-ui archive and remove the old version secure-deployment from Keycloak Server subsystem using JBoss CLI.
- Upto version 5.23.2
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] undeploy dcm4chee-arc-ear-5.x.x-psql-secure-ui.ear [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war:remove() - Version 5.23.3 onwards (Archive Backend and UI are separated)
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] undeploy dcm4chee-arc-ear-5.x.x-psql.ear [standalone@localhost:9990 /] undeploy dcm4chee-arc-ui2-5.x.x-secure.war [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war:remove()
5.x.xshould be replaced with the old archive version that was deployed. - Upto version 5.23.2
- Restart the archive and deploy the new secure-ui archive. Also add new version secure-deployment from Keycloak Server
subsystem using JBoss CLI.
- Upto version 5.23.2
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] deploy $DCM4CHEE_ARC/deploy/dcm4chee-arc-ear-5.x.x-psql-secure-ui.ear [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-ui,auth-server-url=http://<host>:8880/auth,ssl-required=external,public-client=true) - Version 5.23.3 onwards (Archive Backend and UI are separated)
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] deploy $DCM4CHEE_ARC/deploy/dcm4chee-arc-ear-5.x.x-psql.ear [standalone@localhost:9990 /] deploy $DCM4CHEE_ARC/deploy/dcm4chee-arc-ui2-5.x.x-secure.war [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-ui,auth-server-url=http://<host>:8880/auth,ssl-required=external,public-client=true)
5.x.xshould be replaced with the new archive version that needs to be deployed. Also replace<host>with the hostname where your Keycloak Standalone Server is running. Note that port8880should be changed if you used a different port while configuring Keycloak Standalone Server, (see third point). - Upto version 5.23.2
- Undeploy old secure archive and remove the old version secure-deployment from Keycloak Server subsystem using JBoss CLI.
- Upto version 5.23.2
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] undeploy dcm4chee-arc-ear-5.x.x-psql-secure.ear [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war:remove() [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.x.x-secure.war:remove() - Version 5.23.3 onwards (Archive Backend and UI are separated)
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] undeploy dcm4chee-arc-ear-5.x.x-psql-secure.ear [standalone@localhost:9990 /] undeploy dcm4chee-arc-ui2-5.x.x-secure.war [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war:remove() [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.x.x-secure.war:remove()
5.x.xshould be replaced with the old archive version that was deployed. - Upto version 5.23.2
- Restart the archive and deploy new secure archive. Also add new version secure-deployment from Keycloak Server
subsystem using JBoss CLI.
- Upto version 5.23.2
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] deploy $DCM4CHEE_ARC/deploy/dcm4chee-arc-ear-5.x.x-psql-secure.ear [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-ui,auth-server-url=http://<host>:8880/auth,ssl-required=external,public-client=true) [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.x.x-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-rs,auth-server-url=http://<host>:8880/auth,ssl-required=external,bearer-only=true) - Version 5.23.3 onwards (Archive Backend and UI are separated)
> $WILDFLY_HOME/bin/jboss-cli.sh -c [UNIX] > %WILDFLY_HOME%\bin\jboss-cli.bat -c [Windows] [standalone@localhost:9990 /] deploy $DCM4CHEE_ARC/deploy/dcm4chee-arc-ear-5.x.x-psql-secure.ear [standalone@localhost:9990 /] deploy $DCM4CHEE_ARC/deploy/dcm4chee-arc-ui2-5.x.x-secure.war [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-ui2-5.x.x-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-ui,auth-server-url=http://<host>:8880/auth,ssl-required=external,public-client=true) [standalone@localhost:9990 /] /subsystem=keycloak/secure-deployment=dcm4chee-arc-war-5.x.x-secure.war/:add(realm=dcm4che,resource=dcm4chee-arc-rs,auth-server-url=http://<host>:8880/auth,ssl-required=external,bearer-only=true)
5.x.xshould be replaced with the new archive version that needs to be deployed. Also replace<host>with the hostname where your Keycloak Standalone Server is running. Note that port8880should be changed if you used a different port while configuring Keycloak Standalone Server, (see third point). - Upto version 5.23.2
DCM4CHEE 5 Documentation