Skip to content

Authorize by External Service

Jump to bottom Edit New page
Vrinda edited this page Mar 27, 2023 · 1 revision

Overview

Archive queries configured external RESTful service for storage permission before objects are stored. External Service shall authorize if objects being stored to the archive are valid or not. Objects are only stored if the response received back from the Store Permission Provider matches with the regular expression configured for store permission service response pattern.

Configuration

Using Archive UI

  1. Go to Menu->Configuration, then on Devices page, Edit the dcm4chee-arc device. Go to Extensions and
    Edit extension of Device Extension. Again go to its Extensions and Edit extension of Archive Device.
  2. Enter values in fields Store Permission Service URL, Store Permission Service Response Pattern, Store Permission Cache Stale Timeout, Store Permission Cache Size, Store Permission Service Expiration Date Pattern, Store Permission Service Error Comment Pattern and Store Permission Service Error Code Pattern as required by one's application needs and Save.

Using LDAP

One may either

  • create a LDIF file (e.g.):

      version: 1
  dn: dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionServiceURL
  dcmStorePermissionServiceURL: http://host.name/storage-permission/study/{0020000D}?patientId={00100020}&patientIdIssuer={00100021}&studyDescription={00081030}
  -
  
  dn: dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionServiceResponsePattern
  dcmStorePermissionServiceResponsePattern: "validation"\s*:\s*"true"
  -
  
  dn: dicomAETitle=DCM4CHEE,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionServiceExpirationDatePattern
  dcmStorePermissionServiceExpirationDatePattern: "expirationdate"\s*:\s*"([0-9]{8})"
  -
  
  dn: dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionServiceErrorCodePattern
  dcmStorePermissionServiceErrorCodePattern: "errorcode"\s*:\s*"(\p{XDigit}{4})"
  -
  
  dn: dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionServiceErrorCommentPattern
  dcmStorePermissionServiceErrorCommentPattern: "errorcomment"\s*:\s*"(.*)"
  -
  
  dn: dicomAETitle=DCM4CHEE,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionCacheStaleTimeout
  dcmStorePermissionCacheStaleTimeout: PT5M
  -
  
  dn: dicomAETitle=DCM4CHEE,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
  changetype: modify
  add: dcmStorePermissionCacheSize
  dcmStorePermissionCacheSize: 10
  -

    and import it to the LDAP Server by using the ldapmodify command line utility.

  • or use the Add Attribute... and Add Value... function of Apache Directory Studio to add first 5 attributes on Device Level (e.g.: dicomDeviceName=dcm4chee-arc) or on Application Entity Level (e.g: dicomAETitle=DCM4CHEE) of the Archive Configuration. Note that the last 2 attributes can be added only on Device Level.

One may refer to Archive Device to understand the description of attributes.

Refer ISO-8601 Duration format for more know-how on Durations.

Go to the Control tab on Configuration page in archive UI and reload the configuration.

Add a custom footer

DCM4CHEE 5 Documentation

Clone this wiki locally