Store Access Control - dcm4che/dcm4chee-arc-light GitHub Wiki

Overview

Configuring Store Access Control ID defines which access_control_id will be assigned to a study (in database). It can be done in following two ways :

  • Configuring directly on Application Entity
  • Using Store Access Control ID Rule(s)

Note :

  • Value configured for dcmStoreAccessControlID (if using LDAP) or Store Access Control ID (if using UI) will be assigned to the study in database.
  • If Store Access Control is not configured by any of the two ways mentioned above, then * value is assigned to the study in database, which means any Application Entity can access the study.

Configuring directly on Application Entity

Configuration Using Archive UI

  1. Go to Menu->Configuration, then on Devices page, Edit the dcm4chee-arc device. Go to Child objects and select DCM4CHEE from the dropdown of Network AEs.
  2. Next go to Extensions and Edit extension of Network AE Extension, then go to Extensions and Edit Extension of Archive Network AE. As per one's application needs, enter values in field Store Access Control ID and Save.

By default DCM4CHEE AE has a web application configured and associated to it, to enable querying for studies using DICOM Web Services (QIDO). If a different AE has been created, ensure that Web Application is also configured for the same.

Configuration Using LDAP

One may either

  • create a LDIF file (e.g.):

    version: 1
dn: dicomAETitle=DCM4CHEE1,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
changetype: modify
add: dcmStoreAccessControlID
dcmStoreAccessControlID: Customer1

dn: dicomAETitle=DCM4CHEE2,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
changetype: modify
add: dcmStoreAccessControlID
dcmStoreAccessControlID: Customer2

    and import it to the LDAP Server by using the ldapmodify command line utility.

  • or use the Add Attribute... and Add Value... function of Apache Directory Studio to add attributes on Application Entity Level (e.g: dicomAETitle=DCM4CHEE) in the Archive Configuration.

One may refer to Archive Network AE to understand the description of attributes.

Go to the Control tab on Configuration page in archive UI and reload the configuration.

Using Store Access Control Rule

Configuration Using Archive UI

  1. Select the level to add Store Access Control Rules :

    • Archive device level : Rule will be applied to objects received by any AE of this device.

      Go to Menu->Configuration, then on Devices page, Edit the dcm4chee-arc device. Edit extension of Device Extension, then Edit extension of Archive device. Go to Child Objects and select + for adding Store Access Control Rules.

    • Archive Application Entity extension level : Rule will be applied only to objects received by this AE

      Go to Menu->Configuration, then on Devices page and Edit the dcm4chee-arc device. Go to Child Objects and select the Network AE for which the Attribute Coercion needs to be configured. Edit extension of Network AE Extension, then Edit extension of Archive Network AE. Go to Child Objects and select + for adding Store Access Control Rules.

  2. Enter values in fields Name and Store Access Control ID. You may choose to enter values for optional fields Priority and Conditions based on your application.

Configuration Using LDAP

Note : As an example, the InstitutionName DICOM attribute and its corresponding value in DICOM object is used. Change as required for your application.

One may either

  • create a LDIF file (e.g.):

    version: 1
dn: cn=StoreAccessControlIDRule1,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
changetype: add
objectClass: dcmStoreAccessControlIDRule
cn: StoreAccessControlIDRule1
dcmStoreAccessControlID: INSTITUTION_ANY
dcmProperty: SendingApplicationEntityTitle=ACCESS_CONTROL_ANY
dcmProperty: InstitutionName=InstitutionAny

dn: cn=StoreAccessControlIDRule2,dicomAETitle=DCM4CHEE3,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
changetype: add
objectClass: dcmStoreAccessControlIDRule
cn: StoreAccessControlIDRule1
dcmStoreAccessControlID: INSTITUTION_MAIN
dcmProperty: InstitutionName=InstitutionMain

    and import it to the LDAP Server by using the ldapmodify command line utility.

  • or use the Add Attribute... and Add Value... function of Apache Directory Studio to add attributes on Application Entity Level (e.g: dicomAETitle=DCM4CHEE) in the Archive Configuration.

One may refer to Store Access Control Rule to understand the description of attributes.

Go to the Control tab on Configuration page in archive UI and reload the configuration.

Add a custom footer
⚠️ **GitHub.com Fallback** ⚠️