The CTP FileStorageService Access Mechanism

From MircWiki
Jump to navigation Jump to search

This article describes the access control mechanism which is included in the CTP FileStorageService. The primary intended audience for this article is CTP administrators. A prerequisite for fully understanding this article is CTP-The RSNA Clinical Trial Processor.

广州 guangzhou Massage Center Girls provide Full Body Oil massage Service for you in Guangzhou.the Girls have professional Oil Massage in assured that the Full Service in guangzhou do in guangzhou Massage Place Customized Full Body Oil Massage in guangzhou Therapyguangzhou Massage Center offers many different types of Massage in guangzhou to choose from: Swedish massage for overall body relaxation. Deep tissue massage to loosen those stubborn knots that keep your muscles tied up and tense and so on. Best of all, every guangzhou Massage Girls offers guangzhou female massage is customized to your specific needs. Think you don't have time? We're even open Out Call Massage in guangzhou when little ones are tucked in for the night, and Walk-Ins are always welcome so you can revitalize without reworking your schedule.

大连 This is the dalian Massage Center, no matter where is you place in Dalian, we are ready to provide you with Out Call Massage Full Service in dalian, we have professional dalian Massage Girls for you to provide more professional services, whether you are female or male, we have corresponding dalian female massage & dalian male massage Dalian Massage has a Great Massage Center for Every Body massage in dalian therapy relaxes muscles, easing and soothing your aches and pains. It rejuvenates-- restoring balance to our body and being, making us better for all the things life throws our way. Out Call Massage in dalian massage Place believes every body deserves a great customized Full Service in dalian, so we've made relaxation convenient. We offer flexible appointment times to fit the busiest of schedules, hundreds of locations nationwide and professional Full Service in dalian Therapists to customize the perfect massage designed to fit your life. Oh, and did we mention the great price? It's what's made us the leading provider of Oil Massage therapy in the U.S. And with so many options, a great Body Massage in dalian is always within your reach. Just ask our members.

沈阳 Make a full Body Oil Service Out Call Massage in shenyang for your Therapy part of your Wellness Programs Whether you're looking to relieve stress, lower your blood pressure, or you're interested in getting some much needed relaxation, shenyang Massage Center's more than 500 convenient Massage Place, flexible scheduling, and affordable prices make enjoying a little slice of heaven easy any time you like! here have you need shenyang female massage and shenyang male massage. Visit once in a while, once a week or once a month--learn more about our wellness benefits program and how you can enjoy a great customized shenyang Massage as often as you'd like with a Massage membership in order to allow our shenyang Massage Girls you offer professional massage Full Service in shenyang. leisure massage fitness professionals to provide professional services. To make your life more comfortable and easy leisure massage fitness professionals to provide professional services. To make your life more comfortable and relaxed, come here to enjoy the happiness of your life to enjoy it. This is a large massage center, there are several ways for you to choose from massage, there are a variety of your massage preferences

彩票3d预测挺好玩的 沙发厂什么样的都有,华军的是专业生产电动沙发,桑拿沙发,足疗沙发,足浴沙发,洗浴沙发等娱乐休闲场所沙发的沙发厂,是值得大家信赖的!




1 Authentication

The FileStorageService web server can be configured to enforce access control at the level of a FileSystem. To do so, the requireAuthentication attribute must be set to yes in the FileStorageService's configuration element as described in CTP-The RSNA Clinical Trial Processor.

When authentication is required, the web server verifies that the user is authenticated on each transaction, and if not, displays a login page. After the login is successful, the user is directed to the original destination.

(Technical note: Once the user is authenticated, the system sets a session cookie on the client. The client must have cookies enabled for the authentication mechanism to work. It is not necessary to close the browser session to log in as another user, and it is also possible to log out. The home page of the web server provides links for both actions.)

2 Privileges

Users may be granted zero or more of the following privileges:

  • admin grants a user access to administrative functions that are restricted for security.
  • delete grants a user the ability to delete studies in any FileSystem.
  • guest identifies a user as someone who can be granted read access to a specific FileSystem by the owner of that FileSystem.
  • proxy grants a user the ability to manage the guest list of any FileSystem.
  • read grants a user the ability to view studies in any FileSystem.

Users are managed through the UserManagerServlet, which is available only to users with the admin privilege. This servlet is accessed on the main page of the CTP web server. (Note: CTP has a separate web server used to monitor the application and to perform certain administrative tasks. That web server is independent of the FileStorageService web server. Further, if multiple FileStorageServices appear in the configuration, each will have a separate web server.) A user's privileges apply to all web servers contained within CTP.

A typical administrator would have all privileges.

In a system used to distribute studies to referring physicians, FileSystems would typically be organized by PatientID, and referring physicians would have the guest privilege. A technologist or secretary might be granted the proxy privilege to allow that person to add the appropriate physician to the guest list on behalf of the patient, thus granting the physician the ability to see the patient's studies.

In a system used for research data management, all users might be granted the read privilege, but only certain users might be granted the delete privilege, the latter just so that they can manage the storage of the system.

Unless a user has the read privilege, the user is allowed to access only his own FileSystem (the FileSystem with the same name as his username), the __default FileSystem, and any FileSystem which contains his username in its guest list. In addition, the user can access the GuestListServlet so that he may invite guests to view his FileSystem.

A user can always delete studies from his own FileSystem, but he can only delete other studies if he has the delete privilege.