Mercurial > hg > orthanc-authorization
comparison NEWS @ 84:9194a65254d4
news
| author | Alain Mazy <am@osimis.io> |
|---|---|
| date | Fri, 17 Mar 2023 17:01:43 +0100 |
| parents | 94a9484d7f8f |
| children | 50e4d01eb263 |
comparison
equal
deleted
inserted
replaced
| 83:23afe0f2b62b | 84:9194a65254d4 |
|---|---|
| 1 2023-03-17 - v 0.5.0 | |
| 2 ==================== | |
| 3 | |
| 1 * BREAKING-CHANGE: the API between the authorization plugin and the | 4 * BREAKING-CHANGE: the API between the authorization plugin and the |
| 2 WebService has slightly changed. Check the samples in the README (TODO). | 5 WebService has slightly changed. Check the samples in the README (TODO). |
| 3 - "identifier" has been renamed into "server-id" | 6 - "identifier" has been renamed into "server-id" |
| 4 * new user-permission based authorization model. This is enabled if you | 7 * new user-permission based authorization model. This is enabled if you |
| 5 define the new "WebServiceUserProfileUrl" configuration. | 8 define the new "WebServiceUserProfileUrl" configuration. |
| 6 * new "orthanc-explorer-2" StandardConfigurations | 9 * new "orthanc-explorer-2" StandardConfigurations |
| 7 * new GET "auth/user/profile" Rest API route to retrieve user permissions | 10 * new GET "auth/user/profile" Rest API route to retrieve user permissions |
| 8 * new PUT "auth/tokens/{token-type}" Rest API route to create tokens | 11 * new PUT "auth/tokens/{token-type}" Rest API route to create tokens |
| 9 * new POST "auth/tokens/decode" Rest API route to decode tokens | 12 * new POST "auth/tokens/decode" Rest API route to decode tokens |
| 13 * these 3 new routes required an updated auth-web-service. | |
| 10 * SECURITY FIX: in prior versions, it was possible to browse remote | 14 * SECURITY FIX: in prior versions, it was possible to browse remote |
| 11 dicom-web servers without being authenticated. (The API routes | 15 dicom-web servers without being authenticated. (The API routes |
| 12 /dicom-web/servers/.../studies were unprotected). The local | 16 /dicom-web/servers/.../studies were unprotected). The local |
| 13 dicom-web server was correctly protected. | 17 dicom-web server was correctly protected. |
| 14 | 18 |