Page History

...

Definitions and References

...

• Time (zulu time)

• User-ID

• Type of use

• The citizen

• Company registration number of calling system

• Session-ID from DGWSSessionID from IDWS Security Context (messageID)

Type of use refers to the method call.

...

Every aspect of complying with DGWS, IDWS, security handling and logging is handled by Java EE interceptors that are automatically invoked by the surrounding EJB container.

...

SLA log-interceptor is responsible for SLA logging of all service calls.

Error handling

The error handling intercept performs general error handling of all service calls and wraps and ensures that it is only DGWS faults that are returned to the calling systems.

It additionally ensures that potential errors are logged in the error log and performs debug logging of flow ID.

DGWS and security

The DGWS-interceptor performs validation of the security and Medcom headers. It ensures that only authenticated user systems can access the service by authorizing them in a whitelistConsent Administration and Consent Verification handles errors differently. See the subsections "Error Handling" in the following two sections.

Service Logic for Consent Administration

...

The consent service make use of the Min Log service client (see section 5.4).

...

Error handling

The error handling intercept performs general error handling of all service calls and wraps and ensures that it is only SOAP faults that are returned to the calling systems.

It additionally ensures that potential errors are logged in the error log and performs debug logging of flow ID.

Service Logic for Consent Verification

The service logic comply with the decision graph that has been made for consent verification (see section 2.2) and it is implemented in the class ConsentVerificationServiceLogic.

...

The handling by precautionary principle is simply, that if a data element is of type unknown or type other, it might represent data from the same organization (‘what’-organization) as that of a negative data specific negative consent. The data element, therefore is eligible for being removed from list. The same does not apply for the positive data specific consent. Although the data element might represent the same organization, the opposite might as well be true. Therefore, positive data specific consent applies only when defined for any origin (any ‘what’-organization)well be true. Therefore, positive data specific consent applies only when defined for any origin (any ‘what’-organization).

Error handling

The error handling intercept performs general error handling of all service calls and wraps and ensures that it is only DGWS faults that are returned to the calling systems.

It additionally ensures that potential errors are logged in the error log and performs debug logging of flow ID.

DGWS and security

The DGWS-interceptor performs validation of the security and Medcom headers. It ensures that only authenticated user systems can access the service by authorizing them in a whitelist.

Consent for foreign health professionals

...

Min Spærring administration

Two The following three integration test classes exists for the administration service:

1. ConsentAdministrationServiceIT

...

2. ConsentAdministrationSecurityIT
3. ConsentAdministrationServiceMinLogLoggingIT

The security-class ensures that the service validates and verifies those security tokens that are included in the service request.

The service-class contains class contains those integration tests that verify that the service requirements have been met, in  in addition to ensuring that DGWS OIO-IDWS 1.0.1 and SLA-logging is implemented correctly.

The MinLog-class ensures that the service logging mechanism using MinLog is implemented correctly.

...