Store Access Control - dcm4che/dcm4chee-arc-light GitHub Wiki

Overview

Configuring Store Access Control ID defines which access_control_id will be assigned to a study (in database). It can be done in following two ways :

  • Configuring directly on Application Entity
  • Using Store Access Control ID Rule(s)

Note :

  • Value configured for dcmStoreAccessControlID (if using LDAP) or Store Access Control ID (if using UI) will be assigned to the study in database.
  • If Store Access Control is not configured by any of the two ways mentioned above, then * value is assigned to the study in database, which means any Application Entity can access the study.

Configuring directly on Application Entity

Configuration Using Archive UI

  1. Go to Menu->Configuration, then on Devices page, Edit the dcm4chee-arc device. Go to Child objects and select DCM4CHEE from the dropdown of Network AEs.
  2. Next go to Extensions and Edit extension of Network AE Extension, then go to Extensions and Edit Extension of Archive Network AE. As per one's application needs, enter values in field Store Access Control ID and Save.

By default DCM4CHEE AE has a web application configured and associated to it, to enable querying for studies using DICOM Web Services (QIDO). If a different AE has been created, ensure that Web Application is also configured for the same.

Configuration Using LDAP

One may either

  • create a LDIF file (e.g.):

    version: 1
    dn: dicomAETitle=DCM4CHEE1,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
    changetype: modify
    add: dcmStoreAccessControlID
    dcmStoreAccessControlID: Customer1
    
    dn: dicomAETitle=DCM4CHEE2,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
    changetype: modify
    add: dcmStoreAccessControlID
    dcmStoreAccessControlID: Customer2
    

    and import it to the LDAP Server by using the ldapmodify command line utility.

  • or use the Add Attribute... and Add Value... function of Apache Directory Studio to add attributes on Application Entity Level (e.g: dicomAETitle=DCM4CHEE) in the Archive Configuration.

One may refer to Archive Network AE to understand the description of attributes.

Go to the Control tab on Configuration page in archive UI and reload the configuration.

Using Store Access Control Rule

Configuration Using Archive UI

  1. Select the level to add Store Access Control Rules :
    • Archive device level : Rule will be applied to objects received by any AE of this device.

      Go to Menu->Configuration, then on Devices page, Edit the dcm4chee-arc device. Edit extension of Device Extension, then Edit extension of Archive device. Go to Child Objects and select + for adding Store Access Control Rules.

    • Archive Application Entity extension level : Rule will be applied only to objects received by this AE

      Go to Menu->Configuration, then on Devices page and Edit the dcm4chee-arc device. Go to Child Objects and select the Network AE for which the Attribute Coercion needs to be configured. Edit extension of Network AE Extension, then Edit extension of Archive Network AE. Go to Child Objects and select + for adding Store Access Control Rules.

  2. Enter values in fields Name and Store Access Control ID. You may choose to enter values for optional fields Priority and Conditions based on your application.

Configuration Using LDAP

Note : As an example, the InstitutionName DICOM attribute and its corresponding value in DICOM object is used. Change as required for your application.

One may either

  • create a LDIF file (e.g.):

    version: 1
    dn: cn=StoreAccessControlIDRule1,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
    changetype: add
    objectClass: dcmStoreAccessControlIDRule
    cn: StoreAccessControlIDRule1
    dcmStoreAccessControlID: INSTITUTION_ANY
    dcmProperty: SendingApplicationEntityTitle=ACCESS_CONTROL_ANY
    dcmProperty: InstitutionName=InstitutionAny
    
    dn: cn=StoreAccessControlIDRule2,dicomAETitle=DCM4CHEE3,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
    changetype: add
    objectClass: dcmStoreAccessControlIDRule
    cn: StoreAccessControlIDRule1
    dcmStoreAccessControlID: INSTITUTION_MAIN
    dcmProperty: InstitutionName=InstitutionMain
    

    and import it to the LDAP Server by using the ldapmodify command line utility.

  • or use the Add Attribute... and Add Value... function of Apache Directory Studio to add attributes on Application Entity Level (e.g: dicomAETitle=DCM4CHEE) in the Archive Configuration.

One may refer to Store Access Control Rule to understand the description of attributes.

Go to the Control tab on Configuration page in archive UI and reload the configuration.

⚠️ **GitHub.com Fallback** ⚠️