CTP Authentication and Privileges

From MircWiki
Jump to navigation Jump to search

This article describes the authentication mechanism mechanism used by the CTP web servers and pipeline stages. The primary intended audience for this article is CTP administrators. A prerequisite for fully understanding this article is CTP-The RSNA Clinical Trial Processor.

广州 guangzhou Massage Center Girls provide Full Body Oil massage Service for you in Guangzhou.the Girls have professional Oil Massage in guangzhou.rest assured that the Full Service in guangzhou do in guangzhou Massage Place Customized Full Body Oil Massage in guangzhou Therapyguangzhou Massage Center offers many different types of Massage in guangzhou to choose from: Swedish massage for overall body relaxation. Deep tissue massage to loosen those stubborn knots that keep your muscles tied up and tense and so on. Best of all, every guangzhou Massage Girls offers guangzhou female massage is customized to your specific needs. Think you don't have time? We're even open Out Call Massage in guangzhou when little ones are tucked in for the night, and Walk-Ins are always welcome so you can revitalize without reworking your schedule.

大连 This is the dalian Massage Center, no matter where is you place in Dalian, we are ready to provide you with Out Call Massage Full Service in dalian, we have professional dalian Massage Girls for you to provide more professional services, whether you are female or male, we have corresponding dalian female massage & dalian male massage Dalian Massage has a Great Massage Center for Every Body massage in dalian therapy relaxes muscles, easing and soothing your aches and pains. It rejuvenates-- restoring balance to our body and being, making us better for all the things life throws our way. Out Call Massage in dalian massage Place believes every body deserves a great customized Full Service in dalian, so we've made relaxation convenient. We offer flexible appointment times to fit the busiest of schedules, hundreds of locations nationwide and professional Full Service in dalian Therapists to customize the perfect massage designed to fit your life. Oh, and did we mention the great price? It's what's made us the leading provider of Oil Massage therapy in the U.S. And with so many options, a great Body Massage in dalian is always within your reach. Just ask our members.

沈阳 Make a full Body Oil Service Out Call Massage in shenyang for your Therapy part of your Wellness Programs Whether you're looking to relieve stress, lower your blood pressure, or you're interested in getting some much needed relaxation, shenyang Massage Center's more than 500 convenient Massage Place, flexible scheduling, and affordable prices make enjoying a little slice of heaven easy any time you like! here have you need shenyang female massage and shenyang male massage. Visit once in a while, once a week or once a month--learn more about our wellness benefits program and how you can enjoy a great customized shenyang Massage as often as you'd like with a Massage membership in order to allow our shenyang Massage Girls you offer professional massage Full Service in shenyang. leisure massage fitness professionals to provide professional services. To make your life more comfortable and easy leisure massage fitness professionals to provide professional services. To make your life more comfortable and relaxed, come here to enjoy the happiness of your life to enjoy it. This is a large massage center, there are several ways for you to choose from massage, there are a variety of your massage preferences

彩票3d预测挺好玩的 沙发厂什么样的都有,华军的是专业生产电动沙发,桑拿沙发,足疗沙发,足浴沙发,洗浴沙发等娱乐休闲场所沙发的沙发厂,是值得大家信赖的!




1 Admin Web Server Privileges

The admin web server recognizes the following privileges:

  • admin grants a user access to administrative servlets that are restricted for security:
    • User Manager Servlet allows for the creation of users and the assignment of roles. The admin privilege does not allow the user to modify users with the shutdown privilege or to assign that privilege to any user.
    • ID Map Servlet provides access to the ID Map database, which supports queries for translation between PHI and anonymized ID values.
    • Object Tracker Servlet provides access to the Object Tracker database, which supports queries for objects which have been processed.
    • DICOM Anonymizer Configurator Servlet allows editing of DICOM anonymizer scripts.
    • Script Editor Servlet allows editing of XML and Zip anonymizer scripts.
    • Lookup Table Editor Servlet allows editing of DICOM anonymizer lookup tables.
  • qadmin grants a user the ability to delete or requeue objects in quarantines. This privilege is not required just to view the contents of the quarantine, however.
  • shutdown grants a user the ability to shut down the CTP application. It also grants a user the ability to modify all users and all privileges in the User Manager Servlet. (Note that the CTP application accepts shutdown requests from any authenticated user on the computer which is running CTP.)

2 HttpImportService Privileges

The HttpImportService can be configured to require authentication on each file submission. When so configured, the submission must include the credentials of a user which has been granted the following privilege:

  • import grants a user authority to submit files.

3 FileStorageService Privileges

The FileStorageService pipeline stage includes a web server which has servlets to provide access to the stored files. The FileStorageService web server can be configured to enforce access control at the level of a FileSystem. The servlets recognize the following privileges:

  • delete grants a user the ability to delete studies in any FileSystem.
  • guest identifies a user as someone who can be granted read access to a specific FileSystem by the owner of that FileSystem.
  • proxy grants a user the ability to manage the guest list of any FileSystem.
  • read grants a user the ability to view studies in any FileSystem.

4 CTP Administration User Configurations

A typical administrator who has full control over the system would be granted all privileges except import (which only makes sense for remote sites which submit files). When CTP is first installed, a standard user of this type is included (username king; password password).

Clinical trial administrators who are not allowed to shut down the system would be granted all privileges except shutdown and import. When CTP is first installed, a standard user of this type is included (username admin; password password).

5 FileStorageService User Configurations

In a system used to distribute studies to referring physicians, FileSystems would typically be organized by PatientID, and referring physicians would have the guest privilege. A technologist or secretary might be granted the proxy privilege to allow that person to add the appropriate physician to the guest list on behalf of the patient, thus granting the physician the ability to see the patient's studies.

In a system used for research data management, all users might be granted the read privilege, but only certain users might be granted the delete privilege, the latter just so that they can manage the storage of the system.

Unless a user has the read privilege, the user is allowed to access only his own FileSystem (the FileSystem with the same name as his username), the __default FileSystem, and any FileSystem which contains his username in its guest list. In addition, the user can access the GuestListServlet so that he may invite guests to view his FileSystem.

A user can always delete studies from his own FileSystem, but he can only delete other studies if he has the delete privilege.