Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Configuration of Role Based Access Control to Studies

(provided by anonymous dcm4chee user)

  1. Define Roles in conf/dcm4chee-web/dcm4chee-webroles-cfg.xml 
    <role name="client1" type="StudyPermission" descr="Role for client 1 (Radiology)"/>
<role name="client2" type="StudyPermission" descr="role for client 2 (Neurosurgery)"/>
  2. Goto Section "User Admin" and define at least 2 Users 1 per role
  3. Goto Section AE Management and Define your Secure AET and at least one MASTER_AET
  4. Define Rules for Study Permission
    E.g.: 
    <?xml version="1.0" encoding="UTF-8"?>
<!-- Sample configuration for grant/revoke Study Permissions on Series Stored event -->
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
  <xsl:output method="xml"/>
  <xsl:param name="calling" select="'SAMPLE_MOD'"/>
  <xsl:template match="/dataset">
    <permissions>
        <xsl:variable name="studyUID" select="attr[@tag='0020000D']" />
        <xsl:variable name="seriesMOD" select="attr[@tag='00080060']" />
        <xsl:variable name="patIssuer" select="attr[@tag='00100021']" />
       <xsl:choose>
<!--
        Configuration for CT stored in client2 - Neurosurgery
-->
        <xsl:when test="$seriesMOD='CT' and not(contains(@patIssuer,'DCM4CHEE'))">
                <!-- grant Query, Read and Append permission on Study to client2 in special case -->
                <grant role="client2" action="Q,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:when>
<!--
        Configuration for CT stored in client1 - Radiology (having ISSUER set to DCM4CHEE)          
-->
       <xsl:when test="$seriesMOD='CT' and contains(@patIssuer,'DCM4CHEE')">
                <!-- grant Query, Read and Append permission on Study to client2 in special case -->
                <grant role="client1" action="Q,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:when>
<!--
        all other Modalities stored client1 - Radiology (having ISSUER set to DCM4CHEE)
-->
        <xsl:otherwise>
                <!-- grant Query, Read and Append permission on Study to client1 per default -->
                <grant role="client1" action="Q,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:otherwise>
      </xsl:choose>
  5. Set the Archive Behaviour for using the Security Feature
    Study Permission Service#UpdateOnSeriesStored = true
    Query Retrieve SCP#UnrestrictedReadPermissionsToAETitles = MASTER_AET
    Query Retrieve SCP#UnrestrictedQueryPermissionsToAETitles = MASTER_AET
    Query Retrieve SCP#UnrestrictedExportPermissionsToAETitles = MASTER_AET
  6. PITFALLS:
    Make sure that your WebViewer is able to show files after enabling the Security Features.
  • No labels