15
|
1 .. _iis:
|
|
2
|
|
3 How can I run Orthanc behind Microsoft IIS?
|
|
4 ===========================================
|
|
5
|
|
6 Similarly to :ref:`Apache <apache>` and :ref:`nginx <nginx>`, Orthanc
|
|
7 can run behind `Microsoft IIS (Internet Information Services)
|
|
8 <https://en.wikipedia.org/wiki/Internet_Information_Services>`__
|
|
9 servers through reverse proxying. The instructions below are provided
|
|
10 courtesy of `Mark Hodge
|
|
11 <https://groups.google.com/d/msg/orthanc-users/3-b3cLBAr8U/QIePcADMAAAJ>`__.
|
|
12
|
|
13 - IIS is available as a feature you can enable via the Programs and Features in non Server versions of Windows.
|
|
14
|
|
15 - Add Application Request Routing 3.0.
|
|
16
|
|
17 - Add URL Rewrite module 2.
|
|
18
|
|
19 - In IIS Manager bind an SSL certificate to port 443 on the default web site being used for Orthanc.
|
|
20
|
|
21 - Add the following ``web.config`` at the root of the default website:
|
|
22
|
|
23 .. code-block:: xml
|
|
24
|
|
25 <?xml version="1.0" encoding="UTF-8"?>
|
|
26 <configuration>
|
|
27 <system.webServer>
|
|
28 <rewrite>
|
|
29 <rules>
|
|
30 <clear />
|
|
31 <rule name="HTTP to HTTPS redirect" stopProcessing="true">
|
|
32 <match url="(.*)" />
|
|
33 <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
|
|
34 <add input="{HTTPS}" pattern="off" ignoreCase="true" />
|
|
35 </conditions>
|
|
36 <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
|
|
37 </rule>
|
|
38 <rule name="ReverseProxyInboundRule1" stopProcessing="true">
|
|
39 <match url="(.*)" />
|
|
40 <conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
|
|
41 <action type="Rewrite" url="http://127.0.0.1:8042/{R:1}" />
|
|
42 </rule>
|
|
43 </rules>
|
|
44 </rewrite>
|
|
45 </system.webServer>
|
|
46 </configuration>
|
|
47
|
|
48 - In IIS Manager Open Application Request Routing Cache click on
|
|
49 Server Proxy Settings on the right side of the window, change the
|
|
50 Time-out to a much higher value. eg., 3600 = 1 hour to ensure
|
|
51 download of DICOMDIR or ZIP's doesn't time out.
|
|
52
|
|
53 - To allow user authentication against an Active Directory group add
|
|
54 the following directly after ``<configuration>`` in the above
|
|
55 ``web.config``, grant the appropriate Active Directory group read
|
|
56 permission on the ``wwwroot`` folder:
|
|
57
|
|
58 .. code-block:: xml
|
|
59
|
|
60 <system.web>
|
|
61 <authentication mode="Windows" />
|
|
62 </system.web>
|
|
63
|
|
64 - You also need to make sure registered users is empty in the Orthanc Configuration.json file:
|
|
65
|
|
66 .. code-block:: json
|
|
67
|
|
68 [...]
|
|
69 "RegisteredUsers" : { },
|
|
70 [...]
|