15
|
1 .. _iis:
|
|
2
|
|
3 How can I run Orthanc behind Microsoft IIS?
|
|
4 ===========================================
|
|
5
|
|
6 Similarly to :ref:`Apache <apache>` and :ref:`nginx <nginx>`, Orthanc
|
|
7 can run behind `Microsoft IIS (Internet Information Services)
|
|
8 <https://en.wikipedia.org/wiki/Internet_Information_Services>`__
|
|
9 servers through reverse proxying. The instructions below are provided
|
|
10 courtesy of `Mark Hodge
|
|
11 <https://groups.google.com/d/msg/orthanc-users/3-b3cLBAr8U/QIePcADMAAAJ>`__.
|
17
|
12 They also illustrate how to configure :ref:`HTTPS encryption <https>`.
|
15
|
13
|
|
14 - IIS is available as a feature you can enable via the Programs and Features in non Server versions of Windows.
|
|
15
|
|
16 - Add Application Request Routing 3.0.
|
|
17
|
|
18 - Add URL Rewrite module 2.
|
|
19
|
|
20 - In IIS Manager bind an SSL certificate to port 443 on the default web site being used for Orthanc.
|
|
21
|
|
22 - Add the following ``web.config`` at the root of the default website:
|
|
23
|
|
24 .. code-block:: xml
|
|
25
|
|
26 <?xml version="1.0" encoding="UTF-8"?>
|
|
27 <configuration>
|
|
28 <system.webServer>
|
|
29 <rewrite>
|
|
30 <rules>
|
|
31 <clear />
|
|
32 <rule name="HTTP to HTTPS redirect" stopProcessing="true">
|
|
33 <match url="(.*)" />
|
|
34 <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
|
|
35 <add input="{HTTPS}" pattern="off" ignoreCase="true" />
|
|
36 </conditions>
|
|
37 <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
|
|
38 </rule>
|
|
39 <rule name="ReverseProxyInboundRule1" stopProcessing="true">
|
|
40 <match url="(.*)" />
|
|
41 <conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
|
|
42 <action type="Rewrite" url="http://127.0.0.1:8042/{R:1}" />
|
|
43 </rule>
|
|
44 </rules>
|
|
45 </rewrite>
|
|
46 </system.webServer>
|
|
47 </configuration>
|
|
48
|
|
49 - In IIS Manager Open Application Request Routing Cache click on
|
|
50 Server Proxy Settings on the right side of the window, change the
|
|
51 Time-out to a much higher value. eg., 3600 = 1 hour to ensure
|
|
52 download of DICOMDIR or ZIP's doesn't time out.
|
|
53
|
|
54 - To allow user authentication against an Active Directory group add
|
|
55 the following directly after ``<configuration>`` in the above
|
|
56 ``web.config``, grant the appropriate Active Directory group read
|
|
57 permission on the ``wwwroot`` folder:
|
|
58
|
|
59 .. code-block:: xml
|
|
60
|
|
61 <system.web>
|
|
62 <authentication mode="Windows" />
|
|
63 </system.web>
|
|
64
|
|
65 - You also need to make sure registered users is empty in the Orthanc Configuration.json file:
|
|
66
|
|
67 .. code-block:: json
|
|
68
|
|
69 [...]
|
|
70 "RegisteredUsers" : { },
|
|
71 [...]
|