pynetdicom.pdu_primitives.UserIdentityNegotiation

class pynetdicom.pdu_primitives.UserIdentityNegotiation[source]

Representation of the User Identity Negotiation primitive.

Allows peer AEs to exchange generic application information.

The SOP Class Common Extended Negotiation is optional and there may only be a single UserIdentityNegotiation item.

In general, a User Identity Negotiation request that is accepted will result in association establishment and possibly a server response if requested and supported by the peer. If a server response is requested but not received then the Requestor must decide how to proceed. An association rejected due to an authorisation failure will be indicated using Rejection Permanent with a Source of “DICOM UL service provided (ACSE related function)”.

How the Acceptor handles authentication is to be implemented by the end-user and is outside the scope of the DICOM standard.

A-ASSOCIATE-RQ

user_identity_type
positive_response_requested
primary_field
secondary_field

A-ASSOCIATE-AC The server_response parameter is required when a response to the User Identity Negotiation request is to be issued (although this depends on whether or not this is supported by the Acceptor).

Examples

>>> from pynetdicom.pdu_primitives import UserIdentityNegotiation
>>> item = UserIdentityNegotiation()
>>> item.user_identity_type = 2
>>> item.positive_response_requested = True
>>> item.primary_field = b'username'
>>> item.secondary_field = b'password'

References

__init__() None[source]

Methods

__init__()

from_primitive()

Convert the primitive to a PDU item ready to be encoded.

Attributes

positive_response_requested

Get or set Positive Response Requested.

primary_field

Get or set Primary Field.

secondary_field

Get or set the Secondary Field.

server_response

Get or set the Server Response.

user_identity_type

Return the User Identity Type.

from_primitive() Union[UserIdentitySubItemAC, UserIdentitySubItemRQ][source]

Convert the primitive to a PDU item ready to be encoded.

Returns

item – pdu_items.UserIdentitySubItemAC

Return type

pdu_items.UserIdentitySubItemRQ or

Raises
  • ValueError – If server_response is None and user_identity_type or primary_field are None

  • ValueError – If server_response is None and user_identity_type is 2 and secondary_field is None

property positive_response_requested: bool

Get or set Positive Response Requested.

Parameters

value (bool) – True if response requested, False otherwise

Raises

TypeError – If value is not a bool

property primary_field: Optional[bytes]

Get or set Primary Field.

Parameters

value (bytes or None) – The username, Kerberos Service ticket or SAML assertion as a bytes object.

Raises

TypeError – If value is not bytes or None

property secondary_field: Optional[bytes]

Get or set the Secondary Field.

Only used when User Identity Type is equal to 2.

Parameters

value (bytes) – The passcode as a bytes object

property server_response: Optional[bytes]

Get or set the Server Response.

A-ASSOCIATE-AC only.

Parameters

value (bytes or None) – The server response as a bytes object. The Kerberos Service ticket, SAML response or JSON web token if the user_identity_type is 3, 4 or 5. Shall be None if user_identity_type was 1 or 2.

Raises

TypeError – If value is not bytes or None

property user_identity_type: Optional[int]

Return the User Identity Type.

Parameters

value (int) –

One of the following:

  • 1 - Username as string in UTF-8

  • 2 - Username as string in UTF-8 and passcode

  • 3 - Kerberos Service ticket

  • 4 - SAML Assertion

  • 5 - JSON Web Token

Raises
  • TypeError – If value is not an int or None

  • ValueError – If value is an int and is not 1, 2, 3 or 4