When I put a token in the URL, and want authentication the osimis web viewer for my users. It seems that the only authed page is the viewer’s home page, other resources and requests will return 403, so I can’t use viewer now.
My URL and token look like this:
http://localhost:8042/osimis-viewer/app/index.html?study=bcb1b5c2-56a70934-f562d7c7-1f479d57-9adc6992&token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NjE1NjMyNzgsImp0aSI6IjEiLCJpYXQiOjE1NjA5NTg0NzgsImlzcyI6IkVhc3lCb3NzIn0.DlVBKP9eyf-ButN4c43tle1xRp7rzK5sw00_nwC9ZqI
My config for Authentication:
{
“Authorization”: {
“WebService” : “http://localhost:9300/”,
“TokenGetArguments”: [“token”],
“TokenHttpHeaders”: [“Authorization”],
“UncheckedFolders”: [
“/osimis-viewer/”
]
}
}
Anybody have the problem or have solved this problem? Any help will be appreciated.
Please share a minimal working example if you expect someone to be able to reproduce your issue:
https://en.wikipedia.org/wiki/Minimal_working_example
Hi Ritchie,
The Osimis viewer will currently not include your query argument token in the request it sends to Orthanc. I must admit this would be a nice feature but we had no time/sponsors to implement it yet.
Right now, you can store your token in a cookie and, in a reverse-proxy, extract the token to include it in the HTTP header.
In nginx, this can be done this way:
proxy_set_header token $http_cookie[“token”];
HTH
Alain.
Thanks for your great answer, solved my problem
在 2019年6月20日星期四 UTC+8下午4:08:37,Alain Mazy写道:
HI Alain,
I am back for some help when I proxy cookie to the header as you said with my openresty server:
proxy_set_header Authorization “Bearer $cookie_token”;
403 error is gone except some URLs like below, I can’t figure out why these resources are still 403.
/osimis-viewer/images/96ff0e9b-5e7dde35-2d01f919-46db1fc9-105703cd/0/high-quality
/osimis-viewer/images/aa36dc82-b3ee296d-3b58fed0-fa11479c-01a62410/0/high-quality
在 2019年6月20日星期四 UTC+8下午4:08:37,Alain Mazy写道:
Hi Ritchie,
I just gave it a try in this test setup (https://bitbucket.org/osimis/orthanc-setup-samples/src/master/docker/authorization-plugin-viewer-query-args/) and I could not reproduce your issue.
Could you try to modify that sample in order to reproduce your issue ? (And possibly provide sample DICOM files ?)
Thx
Alain