Hi,
I've been digging through the old forums and these boards for weeks now and I still haven't been able to sort out a problem that I've seen posted by numerous people but there is never a full solution discussed.
It's pretty important in a lot of situations to have access control of studies based on users. The web interface seems to handle that, no problem. Simply based on AESource I can make 3 users and say each user can only see studies whose source AE title is associated with their user ie User 1 sends the data to the PACS only that user can retrieve it. I can also alter the series-permissions.xsl to define roles on study store based on some other tag say referring physician, or modality etc. All that works just fine.. from the web interface.
But what happens when we step out into the real world in which people are accessing the PACS from something other than the web interface? Say Osirix, or ClearCanvas? Something with actual visualization and image analysis tools?
It seems like it should be a two step solution
1) On series store assign access rights to the study based on the AE Title where the study originated (or potentially some otehr imbedded tag)
-Go to Jboss->dcm4chee.archive->StudyPermission
-UpdateOnSeriesStored -> true
-Alter Series-permission.xls to add roles based on the "calling" tag (My proposed .xsl is linked)
2) On Query Receive assign a user to the calling AE Title since it's being done from a remote dicom node and will not have user permission information
- I can not for the life of me get this to work
AE Management
User ID and Password attribute are configurable for AET's which do not support user identification
This suggests to me that you can specify the User associated with an AE title in the AE configuration, which you can in eitehr the web interface or the service=AE tag in jboss. So I go into the AE configuration and add a user and password to the AE Title of my remote clear canvas instance hoping that when I query the PACS it will see oh it's BrandonAE assign the role Brandon which can only see images which came from Brandon AE. But no dice I still get all the studies. If I login into the web interface as Brandon I can only see the studies sent from my AE Title.
I'm stumped, this seems like something many people must do but I don't see any real walkthrough or explanation of how it works.
Any help would be much appreciated.