Mercurial > hg > orthanc-book
view Sphinx/source/faq/iis.rst @ 366:12f88a12d146
hostfingerprints
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Wed, 01 Apr 2020 08:49:06 +0200 |
parents | 114506f51e70 |
children |
line wrap: on
line source
.. _iis: How can I run Orthanc behind Microsoft IIS? =========================================== Similarly to :ref:`Apache <apache>` and :ref:`nginx <nginx>`, Orthanc can run behind `Microsoft IIS (Internet Information Services) <https://en.wikipedia.org/wiki/Internet_Information_Services>`__ servers through reverse proxying. The instructions below are provided courtesy of `Mark Hodge <https://groups.google.com/d/msg/orthanc-users/3-b3cLBAr8U/QIePcADMAAAJ>`__. They also illustrate how to configure :ref:`HTTPS encryption <https>`. - IIS is available as a feature you can enable via the Programs and Features in non Server versions of Windows. - Add Application Request Routing 3.0. - Add URL Rewrite module 2. - In IIS Manager bind an SSL certificate to port 443 on the default web site being used for Orthanc. - Add the following ``web.config`` at the root of the default website: .. code-block:: xml <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules> <clear /> <rule name="HTTP to HTTPS redirect" stopProcessing="true"> <match url="(.*)" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" ignoreCase="true" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" /> </rule> <rule name="ReverseProxyInboundRule1" stopProcessing="true"> <match url="(.*)" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false" /> <action type="Rewrite" url="http://127.0.0.1:8042/{R:1}" /> </rule> </rules> </rewrite> </system.webServer> </configuration> - In IIS Manager Open Application Request Routing Cache click on Server Proxy Settings on the right side of the window, change the Time-out to a much higher value. eg., 3600 = 1 hour to ensure download of DICOMDIR or ZIP's doesn't time out. - To allow user authentication against an Active Directory group add the following directly after ``<configuration>`` in the above ``web.config``, grant the appropriate Active Directory group read permission on the ``wwwroot`` folder: .. code-block:: xml <system.web> <authentication mode="Windows" /> </system.web> - You also need to make sure registered users is empty in the Orthanc Configuration.json file: .. code-block:: json [...] "RegisteredUsers" : { }, [...]