`
qimo601
  • 浏览: 3444045 次
  • 性别: Icon_minigender_1
  • 来自: 苏州
社区版块
存档分类
最新评论

DCMTK Howto: User Identity Negotiation

阅读更多

 

Howto: User Identity Negotiation

Since April 2008 DCMTK allows for handling a feature called User Identity Negotiation, which is an optional mechanism to send/receive user credentials, a Kerberos ticket or aSAML assertion during DICOM association negotiation.

The implemenation is part of the dcmnet module and is implemented (mainly) in the files dcuserid.cc and dcuserid.h. However, for accessing this feature one should use the APIfunctions provided by assoc.h.

At the moment there are 4 identification modes for User Identity Negotiation in DICOM:

  1. Username
  2. Username / Password
  3. Kerberos
  4. SAML

All of those are supported (on a lower level) by DCMTK. Note that all identity information (ie. also passwords) are transmitted in plain text, which is not an issue of DCMTK but designed like this in the DICOM standard. If you want this information to be encrypted, you should use a DICOM TLS network connection, which can be accomplished with DCMTK'sdcmtls module.

API for SCU (Client)

There are two different stages in association negotiation, where User Identity Negotiation is exchanged. The first is when the client sends it's negotiation request to the server (SCP). This request contains the identification request itself and can be accessed by the following functions:

Request: Identification mode "user"

To send a username when negotiating an association, use function

 

/** Sets User/Password authentication for User Identity Negotiation
 *  request.
 *  @param params - [in/out] The association parameters to be filled
 *  @param userName - [in]  The username to send (in UTF-8)
 *  @password - [in] Password in UTF-8
 *  @return EC_Normal if user identity could be set, error otherwise
 */
OFCondition
ASC_setIdentRQUserPassword(
    T_ASC_Parameters * params,
    const OFString& userName,
    const OFString& password,
    const OFBool& requestRsp = OFTrue);

 

Request: Identification mode "user / password"

For sending a user / password combination, use

 

/** Sets User/Password authentication for User Identity Negotiation
 *  request.
 *  @param params - [in/out] The association parameters to be filled
 *  @param userName - [in]  The username to send (in UTF-8)
 *  @password - [in] Password in UTF-8
 *  @return EC_Normal if user identity could be set, error otherwise
 */
OFCondition
ASC_setIdentRQUserPassword(
    T_ASC_Parameters * params,
    const OFString& userName,
    const OFString& password,
    const OFBool& requestRsp = OFTrue);

 

Request: Identification mode "Kerberos"

For Kerberos, use

 

/** Sets Kerberos authentication for User Identity Negotiation request.
 *  @param params     - [in/out] The association parameters to be filled
 *  @param kerbTicket - [in]  The kerberos ticket to send (will be copied)
 *  @param length     - [in] Length of kerberos ticket
 *  @return EC_Normal if kerberos ticket could be set, error otherwise
 */
OFCondition
ASC_setIdentRQKerberos(
    T_ASC_Parameters * params,
    const char* kerbTicket,
    const Uint16& length,
    const OFBool& requestRsp = OFTrue);

 

Request: Identification mode "SAML"

And least, for SAML use function

 

/** Sets SAML authentication for User Identity Negotiation request.
 *  @param params - [in/out] The association parameters to be filled
 *  @param saml   - [in]  The SAML information to send (will be copied)
 *  @param length - [in] Length of SAML information
 *  @return EC_Normal if SAML info could be set, error otherwise
 */
OFCondition
ASC_setIdentRQSaml(
    T_ASC_Parameters * params,
    const char* saml,
    const Uint16& length,
    const OFBool& requestRsp = OFTrue);

 

Response: Evaluating the SCPs response

If the server (SCP) sends an acknoledge to the association request package, there may be some User Identity Negotiaton data included that is a response to the request made by the SCU. To access the SCP's response, the function

 

void
ASC_getCopyOfIdentResponse(T_ASC_Parameters * params,
                           void*& buffer,  unsigned short& bufferLen);

 

is used. The function allocates memory - be sure to delete the result buffer when it is not needed anymore to release the associated memory.

API for SCP

There is only one function to access a received client's User Identification request:

 

/** Returns a copy of the User Identity Negotiation response value.
 *  CAUTION: The returned buffer (copy of orginal data) must be freed by the
 *  caller!
 *  @param params - [in]  The association parameters to get response from
 *  @param buffer - [out] The buffer to write to. Memory is allocated inside
 *                        function, so the returned buffer memory must be freed
 *                        by the caller. If there is no response or there was
 *                        was a problem, NULL is returned here.
 *  @param length - [out] Length of returned buffer. If there is a problem or no
 *                        response at all, this is set to 0.
 *  @return none
 */
------------------------------------------------------------------

柳北风儿

http://qimo601.iteye.com

转载:http://support.dcmtk.org/wiki/dcmtk/howto/useridentitynegotiation

 

分享到:
评论

相关推荐

    Dcm.zip_dcm_dcmtk vs2008_img2dcm.exe DCMTK_site:www.pudn.com_显示D

    首先,"DCMTK"是DICOM(Digital Imaging and Communications in Medicine)工具包的缩写,这是一个开源软件库,主要用于医学图像处理,如读取、写入和转换DICOM格式的数据。"vs2008"指的是Visual Studio 2008,这是...

    第一个 DCMTK 程序:显示 DICOM 图像(DCMTK 3.6.4 + Qt 5.14.2 + VS2015)源码

    这是博文《第一个 DCMTK 程序:显示 DICOM 图像(DCMTK 3.6.4 + Qt 5.14.2 + VS2015)》的源码,详细内容见博客文章 https://blog.csdn.net/blackwoodcliff/article/details/109481195

    最全DCMTK攻略

    DCMTK攻略 DCMTK(DICOM Toolkit)是德国Offis公司开发的开源项目,旨在提供一个实现DICOM协议的平台,为开发者提供了一个便捷的开发环境。DCMTK提供了所有的源代码、支持库和帮助文档,支持多种操作系统,包括...

    dcmtk包中storescu服务移植到wince(OMAP3530)

    storescu是DCMTK工具集中的一员,它是一个命令行应用程序,用于实现DICOM存储服务类(Storage Service Class User,SSCU)。该服务允许客户端系统向DICOM兼容的服务器发送图像和其他医学数据。在移植过程中,开发者...

    dcmtk-3.6.6.zip

    DCMTK(DICOM ToolKit)是一个开源软件库,专门用于处理医学图像数据,符合DICOM(Digital Imaging and Communications in Medicine)标准。该标准在医疗领域广泛使用,用于存储、传输和打印医学影像数据。DCMTK ...

    DCMTK入门指南-编译说明

    DCMTK入门指南-编译说明 DCMTK(DICOM_toolkit)是一个开源软件,使得开发者可以轻松地处理DICOM格式的医学图像。以下是 DCMTK 的编译说明: 环境准备 在编译 DCMTK 之前,需要准备以下环境: * 操作系统:WIN7 ...

    dicom.rar_dcmtk_dcmtk3.6_dcmtk3.6.0_dicom

    DCMTK(DICOM Toolkit)是一个开源软件库,它提供了处理DICOM数据所需的工具和API,使得开发者能够创建与DICOM兼容的应用程序。本压缩包“dicom.rar”包含了DCMTK的版本3.6.0,这是一个广泛使用的版本,适用于医疗...

    DCMTK-已编译的dcmtk

    名称:DCMTK 评级:★★★★★ 开源许可:BSD 功能: 影像处理,影像归档,影像管理,影像传输 标准:DICOM 语言:英语 客户端: 桌面 平台:跨平台 编程语言:C/C++ 官方网站:http://dicom.offis.de/

    DCMTK 新手使用指南

    DCMTK 新手使用指南 DCMTK 是一个 DICOM 工具包,提供了 DICOM 协议的实现和DICOM 文件处理功能。作为新手,使用 DCMTK 可能会遇到很多疑惑之处。本文总结了 DCMTK 新手使用指南,旨在帮助大家快速上手 PACS 事业。...

    dcmtk-3.5.3-html-help.zip_Help!_dcmtk_dcmtk help

    DCMTK(DICOM ToolKit)是一套开源的软件库,专门用于开发处理DICOM(Digital Imaging and Communications in Medicine)标准的应用程序。DICOM是一种广泛应用于医疗成像领域的国际标准,它定义了医学图像和相关数据...

    DCMTK3.6.0库在VS2012中的配置实例

    **DCMTK库详解** DCMTK(DICOM Toolkit)是一个开源软件库,专门用于处理医学影像数据,尤其是遵循DICOM(Digital Imaging and Communications in Medicine)标准的数据。DICOM是医学影像领域广泛采用的通信协议和...

    dcmtk-3.6.0官方帮助文档

    DCMTK(Digital Imaging and Communications in Medicine Toolkit)是开源软件库,主要用于开发医学影像通信标准(DICOM)的软件。这个3.6.0版本的官方帮助文档是开发者和使用者理解DCMTK的重要资源,提供了详尽的...

    VC和DCMTK显示DICOM图像

    ### 使用VC++与DCMTK显示DICOM医学图像 #### 引言 DICOM(Digital Imaging and Communications in Medicine)是由NEMA(美国电气制造协会)和ACR(美国放射学会)联合制定的一项国际标准,旨在定义数字医学图像及...

    DCMTK的生成及加载和一些使用的例子

    - 下载最新版本的DCMTK源代码,例如版本3.5.3的下载链接为:[ftp://dicom.offis.de/pub/dicom/offis/software/dcmtk/dcmtk353/dcmtk-3.5.3.zip](ftp://dicom.offis.de/pub/dicom/offis/software/dcmtk/dcmtk353/...

    dcmtk编译安装详细文档

    **DCMTK编译安装详解** DCMTK(DICOM Toolkit)是一个开源的C++类库,用于处理DICOM(Digital Imaging and Communications in Medicine)标准的医学图像和数据。本教程将详细介绍如何在CentOS环境下编译并安装DCMTK...

    dcmtk-install.zip

    接下来,我们看看如何在VS2017和Qt5环境中集成和使用DCMTK: 1. **环境配置**:安装CMake,创建一个新项目,设置VS2017作为生成器,指定Qt5和DCMTK的路径。 2. **添加依赖**:在CMakeLists.txt文件中链接DCMTK库,...

    DCMTK3.60库

    DCMTK3.60库是一个开放源代码的软件库,专门用于医学图像通信标准(DICOM)的应用程序开发。这个库提供了丰富的API,使得开发者能够方便地处理DICOM数据,包括读取、写入、转换以及网络传输等功能。由于在某些情况下...

    Windows Qt环境下DCMTK库

    **Windows Qt环境下的DCMTK库** DCMTK(DICOM Toolkit)是一个开源软件库,专为处理DICOM(Digital Imaging and Communications in Medicine)标准而设计。DICOM是医学成像领域广泛使用的通信协议和数据格式标准。...

    dcmtk使用手册,dcmtk使用手册,dcmtk使用手册

    dcmtk使用手册,医学领域的东东,有学习的可以下载看看,没学过,不知道好不好学

    DCMTK3.5.4的include库

    DCMTK(DICOM ToolKit)是一个开源软件库,专门用于处理DICOM(Digital Imaging and Communications in Medicine)标准,这是医疗成像领域广泛使用的通信协议。DCMTK 3.5.4版本的include库包含了该框架的核心头文件...

Global site tag (gtag.js) - Google Analytics