Mercurial > hg > orthanc-book

changeset 1123:292479b06402

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
security: authentication wrt RemoteAccess
author Alain Mazy <am@orthanc.team>
date Thu, 19 Dec 2024 08:17:02 +0100
parents 3bd012947014
children fd47c2de2c58
files Sphinx/source/faq/security.rst Sphinx/source/plugins/object-storage.rst Sphinx/source/plugins/orthanc-explorer-2.rst Sphinx/source/plugins/postgresql.rst
diffstat 4 files changed, 23 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/Sphinx/source/faq/security.rst	Thu Dec 12 10:55:24 2024 +0100
+++ b/Sphinx/source/faq/security.rst	Thu Dec 19 08:17:02 2024 +0100
@@ -68,9 +68,11 @@
 access is granted by setting the ``RemoteAccessAllowed`` configuration
 option to ``true``, you should:
 
-* Set ``AuthenticationEnabled`` to ``true`` to force the users to
-  authenticate. The authorized users are listed in the option
-  ``RegisteredUsers``.
+* Check that ``AuthenticationEnabled`` is set to ``true`` to force the 
+  users to authenticate. The authorized users are listed in the option
+  ``RegisteredUsers``.  Note that, if the option ``AuthenticationEnabled`` 
+  is not provided, the authentication will be enabled as soon 
+  as ``RemoteAccessAllowed`` is enabled.
 
 * Enable :ref:`HTTPS encryption <https>` to prevent the stealing of
   medical data or passwords, even on the Intranet.
--- a/Sphinx/source/plugins/object-storage.rst	Thu Dec 12 10:55:24 2024 +0100
+++ b/Sphinx/source/plugins/object-storage.rst	Thu Dec 19 08:17:02 2024 +0100
@@ -107,7 +107,8 @@
     "StorageEncryption" : {},                 // optional: see the section related to encryption
     "HybridMode": "Disabled",                 // optional: see the section related to Hybrid storage
     "UseTransferManager": false,              // optional: see below (available from version 2.3.0)
-    "EnableAwsSdkLogs": false                 // optional: include AWS SDK logs in Orthanc logs
+    "EnableAwsSdkLogs": false,                // optional: include AWS SDK logs in Orthanc logs
+    "StorageClass": "STANDARD"                // optional: see below (available from version 2.5.0)
   }
 
 The **EndPoint** configuration is used when accessing an S3 compatible cloud provider.  I.e. here is a configuration to store data on Scaleway::
@@ -124,6 +125,13 @@
 The **UseTransferManager** configuration is used to select the `Transfer Manager <https://docs.aws.amazon.com/sdk-for-cpp/v1/developer-guide/examples-s3-transfermanager.html>`__ mode in the AWS SDK client.
 This option was introduced in version 2.3.0.  If set to false (default value), the default "object" mode is used.
 
+The **StorageClass** configuration is used to select the `Storage Class <https://aws.amazon.com/s3/storage-classes/>`__ of the uploaded files.
+This option was introduced in version 2.5.0.  Allowed values are ``"STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", 
+"INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW"``.
+Note that, so far, Orthanc has not been tested against "cold" or "archive" storage classes.
+If the configuration is not set, Orthanc won't force any value and the default value
+defined by AWS will be used (the ``"STANDARD"`` class at the time of this release).
+
 **Important:** On Microsoft Windows, it is recommended to set the
 environment variable ``AWS_EC2_METADATA_DISABLED`` to ``true`` to
 speed up the initialization of the plugin. The reasons are explained
@@ -183,7 +191,7 @@
 method.``, this most probably indicates that your access key or your
 secret key doesn't match the credentials that were used while starting
 the MinIO server.
-    
+
 
 Azure Blob Storage plugin
 ^^^^^^^^^^^^^^^^^^^^^^^^^
--- a/Sphinx/source/plugins/orthanc-explorer-2.rst	Thu Dec 12 10:55:24 2024 +0100
+++ b/Sphinx/source/plugins/orthanc-explorer-2.rst	Thu Dec 19 08:17:02 2024 +0100
@@ -89,6 +89,10 @@
     http://localhost:8042/ui/app/#/filtered-studies?StudyInstanceUID="1.2.3"&expand=study
     http://localhost:8042/ui/app/#/filtered-studies?StudyInstanceUID="1.2.3"&expand=series
 
+And, from OE2 1.7.0, when working with SQLite or PostgreSQL 7.0+, you may also define the ordering::
+
+    http://localhost:8042/ui/app/#/filtered-studies?StudyDate=20231213-20241213&order-by=DicomTag,StudyDate,ASC;DicomTag,PatientName,ASC;Metadata,LastUpdate,DESC
+
 By default, OE2 will add a wildcard ``*`` at the beginning and at the end of the search text.  Therefore, searching
 for ``PatientID=1234`` will actually search for ``PatientID=*1234*``.  If you do not want to have these extra wildcards
 added, you should use ``"`` at the beginning and/or at the end of the search text.  Therefore, searching for
--- a/Sphinx/source/plugins/postgresql.rst	Thu Dec 12 10:55:24 2024 +0100
+++ b/Sphinx/source/plugins/postgresql.rst	Thu Dec 19 08:17:02 2024 +0100
@@ -132,9 +132,10 @@
       "EnableSsl" : false,               // New in release 3.0
       "MaximumConnectionRetries" : 10,   // New in release 3.0
       "ConnectionRetryInterval" : 5,     // New in release 3.0
-      "IndexConnectionsCount" : 1,       // New in release 4.0
-      "TransactionMode": "Serializable", // New in release 6.0
-      "EnableVerboseLogs": false         // New in release 6.0
+      "IndexConnectionsCount" : 50,      // New in release 4.0 - new default value in 7.0
+      "TransactionMode": "ReadCommitted",// New in release 6.0 - new default value in 7.0
+      "EnableVerboseLogs": false,        // New in release 6.0
+      "HousekeepingInterval": 1          // New in release 7.0
     },
     "Plugins" : [
       "/home/user/orthanc-databases/BuildPostgreSQL/libOrthancPostgreSQLIndex.so",