[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Alex posted I posted Tkfp version 51 to the sourceforge site http://www.sourceforge.net/projects/tkfp The main change is the new web browser interface which works with the embedded Tclhttpd web server which is now configured with SSL security using TLS 1.4.1 and openSSL 0.9.6.c The other server, for the non-web browser based GUI network connection is also using SSL, but a different version based on tclSSL which is based on SSLeay. Following are some notes cut from the INSTALL file included with the package: As of April 2002, In version 51, Tclhttpd3.3.1 has been set up with TLS 1.4.1 to allow SSL security on the Web Browser based interface. I abandoned my old idea of using the Tcl plugin with Tclhttpd to serve up "Tclets" in the user's browser for the web based strategy and went to one base on dynamically computed HTML forms. There is still a demo in there of a couple of ways the Tclet idea could work. You can try them out if you install the Tcl plugin. With the plugin it would show a GUI in the user's browser similar to the on in the Tkfp application. The GUI would connect back to the server. But the Tcl Plugin is not being maintained, and doesn't work with new versions of Internet Explorer. It still works with Netscape 6 on Linux however. My current strategy is to extend the tclhttpd server to provide a means for viewing sections of the medical records and also updating them using dynamically generated HTML forms. I have not used any javascript as it seems to be hard to get things to work the same in all the different browsers with javascript. It does use frames and tables. I've used it under IExplorer 5 and above and Netscape 4.7, Netscape 6 Opera and the KDE Konquerer browsers and things seem to work OK. There are two levels of access. The provider's password is the same as the one generated in the admin section of the Tkfp GUI. You have to set up a password there before you can use the web interface. The username is the same as in the main Tkfp GUI and is controlled from the amin. tab area. Providers can access all records and update most of them except the scanned data of course. A simple HTML form in the prescription module connects to the fax spool so you can do refill via the Web interface and have them faxed from the server. This is very convenient to use from home when on call. Patients can view only their own record and can read all parts of it. They can update the demographic and past medical history section. The patient password is assigned from the demographic area of the Tkfp GUI. It is encrypted and based on htpasswd with comes with the Apache Web Server and which I borrowed for use here. The setup does not depend on .htacess style authenticaion, only the password generating program is used. The patient username has to be entered exactly the same as in the patient name browser listbox. This would need to include any underscores and the birthdate if used and is case sensitive. There are two ports opened by default when Tclhttpd starts up. 8001 is NOT encrypted and will need to be turned off to restrict access to the data by editing tclhttpd3.3.1/bin/httpd.rc Port 8016 IS SSL encrypted. Also the BRX browser starts an SSL encrypted port on port 443 which you can use to view records over a secure SSL connection. I was going to use BRX's SSL server but it turned out to be easier to use Tclhttpd once I got it configured for SSL. BRX is still an amazing Tcl program and I'm still using it's e-mail functions to integrate patient e-mails with their medical record so it's staying in there. The BRX browser is also a convenient way to use the Htdig search engine also included. You will have to run the htdig program to build a database for htdig to work with. Instructions come up from the help button on the htdig/web server tab in the notebook GUI. The server has a small GUI visible in the websrvr. tab. The links in the Web interface are all calculated based in the IP address visible in the small entry box. It tries do find an appropriate IP address to use. It will use localhost if it does not find an ethernet or ppp0 device to use as it's address. You can also just type an IP address or name in and that will override the choice it's made. For example, I use tkfp.yi.org which is a dynamic IP domain name service, and just type that in. Then all the links in the web browser interface will have a base URL of http://tkfp.yi.org To get to the homepage you enter in your web browser https://tkfp.yi.org:8016/index.tml for the secure server, or http://tkfp.yi.org:8001/index.tml (substitute tkfp.yi.org and 8001 for whatever you chose for the ip address and port you chose during the setup. Putting the index.tml on the end is important if you've changed the IP address setup as your browser will look for a chached copy of the site's index page and if it has links with the old IP address, they will no longer work. The index.tml file is not a static page, it's computed on the fly each time the browser accesses the server. Your browser will probably complain about the certificate being expired and not from a trusted source. It will still work and the data is encrypted. But to make this warning go away, you have to make your own new certificate and you would have which you can sign yourself or send to a signing service like Verisign. Instructions come with openSSL and in the tclhttpd3.3.1/docs directory. ------------------------------------------------------- -- Forwarded from one of the Linux desktops of Dr Adrian Midgley http://www.defoam.net/ -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.