Mercurial > hg > orthanc-authorization
comparison NEWS @ 84:9194a65254d4
news
author | Alain Mazy <am@osimis.io> |
---|---|
date | Fri, 17 Mar 2023 17:01:43 +0100 |
parents | 94a9484d7f8f |
children | 50e4d01eb263 |
comparison
equal
deleted
inserted
replaced
83:23afe0f2b62b | 84:9194a65254d4 |
---|---|
1 2023-03-17 - v 0.5.0 | |
2 ==================== | |
3 | |
1 * BREAKING-CHANGE: the API between the authorization plugin and the | 4 * BREAKING-CHANGE: the API between the authorization plugin and the |
2 WebService has slightly changed. Check the samples in the README (TODO). | 5 WebService has slightly changed. Check the samples in the README (TODO). |
3 - "identifier" has been renamed into "server-id" | 6 - "identifier" has been renamed into "server-id" |
4 * new user-permission based authorization model. This is enabled if you | 7 * new user-permission based authorization model. This is enabled if you |
5 define the new "WebServiceUserProfileUrl" configuration. | 8 define the new "WebServiceUserProfileUrl" configuration. |
6 * new "orthanc-explorer-2" StandardConfigurations | 9 * new "orthanc-explorer-2" StandardConfigurations |
7 * new GET "auth/user/profile" Rest API route to retrieve user permissions | 10 * new GET "auth/user/profile" Rest API route to retrieve user permissions |
8 * new PUT "auth/tokens/{token-type}" Rest API route to create tokens | 11 * new PUT "auth/tokens/{token-type}" Rest API route to create tokens |
9 * new POST "auth/tokens/decode" Rest API route to decode tokens | 12 * new POST "auth/tokens/decode" Rest API route to decode tokens |
13 * these 3 new routes required an updated auth-web-service. | |
10 * SECURITY FIX: in prior versions, it was possible to browse remote | 14 * SECURITY FIX: in prior versions, it was possible to browse remote |
11 dicom-web servers without being authenticated. (The API routes | 15 dicom-web servers without being authenticated. (The API routes |
12 /dicom-web/servers/.../studies were unprotected). The local | 16 /dicom-web/servers/.../studies were unprotected). The local |
13 dicom-web server was correctly protected. | 17 dicom-web server was correctly protected. |
14 | 18 |