pynetdicom.pdu_primitives.UserIdentityNegotiation¶

class pynetdicom.pdu_primitives.UserIdentityNegotiation[source]¶

Representation of the User Identity Negotiation primitive.

Allows peer AEs to exchange generic application information.

The SOP Class Common Extended Negotiation is optional and there may only be a single UserIdentityNegotiation item.

In general, a User Identity Negotiation request that is accepted will result in association establishment and possibly a server response if requested and supported by the peer. If a server response is requested but not received then the Requestor must decide how to proceed. An association rejected due to an authorisation failure will be indicated using Rejection Permanent with a Source of “DICOM UL service provided (ACSE related function)”.

How the Acceptor handles authentication is to be implemented by the end-user and is outside the scope of the DICOM standard.

A-ASSOCIATE-RQ

user_identity_type
positive_response_requested
primary_field
secondary_field

A-ASSOCIATE-AC The server_response parameter is required when a response to the User Identity Negotiation request is to be issued (although this depends on whether or not this is supported by the Acceptor).

Examples

>>> from pynetdicom.pdu_primitives import UserIdentityNegotiation
>>> item = UserIdentityNegotiation()
>>> item.user_identity_type = 2
>>> item.positive_response_requested = True
>>> item.primary_field = b'username'
>>> item.secondary_field = b'password'

References

DICOM Standard, Part 7, Annex D.3.3.7

__init__() → None[source]¶

Methods

`__init__`()
`from_primitive`()	Convert the primitive to a PDU item ready to be encoded.

Attributes

`positive_response_requested`	Get or set Positive Response Requested.
`primary_field`	Get or set Primary Field.
`secondary_field`	Get or set the Secondary Field.
`server_response`	Get or set the Server Response.
`user_identity_type`	Return the User Identity Type.

from_primitive() → UserIdentitySubItemAC | UserIdentitySubItemRQ[source]¶

Convert the primitive to a PDU item ready to be encoded.

Returns:

item – pdu_items.UserIdentitySubItemAC

Return type:

pdu_items.UserIdentitySubItemRQ or

Raises:

ValueError – If server_response is None and user_identity_type or primary_field are None
ValueError – If server_response is None and user_identity_type is 2 and secondary_field is None

property positive_response_requested: bool¶

Get or set Positive Response Requested.

Parameters:: value (bool) – True if response requested, False otherwise
Raises:: TypeError – If value is not a bool

property primary_field: bytes | None¶

Get or set Primary Field.

Parameters:: value (bytes or None) – The username, Kerberos Service ticket or SAML assertion as a bytes object.
Raises:: TypeError – If value is not bytes or None

property secondary_field: bytes | None¶

Get or set the Secondary Field.

Only used when User Identity Type is equal to 2.

Parameters:: value (bytes) – The passcode as a bytes object

property server_response: bytes | None¶

Get or set the Server Response.

A-ASSOCIATE-AC only.

Parameters:: value (bytes or None) – The server response as a bytes object. The Kerberos Service ticket, SAML response or JSON web token if the user_identity_type is 3, 4 or 5. Shall be None if user_identity_type was 1 or 2.
Raises:: TypeError – If value is not bytes or None

property user_identity_type: int | None¶

Return the User Identity Type.

Parameters:

value (int) –

One of the following:

1 - Username as string in UTF-8
2 - Username as string in UTF-8 and passcode
3 - Kerberos Service ticket
4 - SAML Assertion
5 - JSON Web Token

Raises:

TypeError – If value is not an int or None
ValueError – If value is an int and is not 1, 2, 3 or 4