-import org.argeo.cms.KernelHeader;
-import org.argeo.security.crypto.PkiUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.ServiceRegistration;
-import org.osgi.service.useradmin.UserAdmin;
-
-/** Authentication and user management. */
-class NodeSecurity {
- private final static Log log;
- static {
- log = LogFactory.getLog(NodeSecurity.class);
- // Make Bouncy Castle the default provider
- Provider provider = new BouncyCastleProvider();
- int position = Security.insertProviderAt(provider, 1);
- if (position == -1)
- log.error("Provider " + provider.getName()
- + " already installed and could not be set as default");
- Provider defaultProvider = Security.getProviders()[0];
- if (!defaultProvider.getName().equals(KernelHeader.SECURITY_PROVIDER))
- log.error("Provider name is " + defaultProvider.getName()
- + " but it should be " + KernelHeader.SECURITY_PROVIDER);
- }
+import org.argeo.cms.auth.AuthConstants;
+
+/** Low-level kernel security */
+class NodeSecurity implements KernelConstants {
+ public final static int HARDENED = 3;
+ public final static int STAGING = 2;
+ public final static int DEV = 1;
+
+ private final boolean firstInit;