projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Introduce Argeo 2 security model-
[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / KernelHeader.java
diff --git a/org.argeo.cms/src/org/argeo/cms/KernelHeader.java b/org.argeo.cms/src/org/argeo/cms/KernelHeader.java
index c2dd2cae7dfe76cc57a107a5ecc46545846beb7b..620699abfac7a944cf08ab8f81ad83974bdfd0ac 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/KernelHeader.java
+++ b/org.argeo.cms/src/org/argeo/cms/KernelHeader.java
@@ -9,14 +9,17 @@ public interface KernelHeader {
        final static String LOGIN_CONTEXT_SINGLE_USER = "SINGLE_USER";
 
        // RESERVED ROLES
-       public final static String ROLE_ADMIN = "ROLE_ADMIN";
-       public final static String ROLE_GROUP_ADMIN = "ROLE_GROUP_ADMIN";
-       public final static String ROLE_USER_ADMIN = "ROLE_USER_ADMIN";
-       public final static String ROLE_USER = "ROLE_USER";
-       public final static String ROLE_ANONYMOUS = "ROLE_ANONYMOUS";
+       public final static String ROLE_ADMIN = "cn=admin,ou=system,ou=node";
+       public final static String ROLE_GROUP_ADMIN = "cn=groupAdmin,ou=system,ou=node";
+       public final static String ROLE_USER_ADMIN = "cn=userAdmin,ou=system,ou=node";
+       // Special system groups that cannot be edited:
+       // user U anonymous = everyone
+       public final static String ROLE_USER = "cn=user,ou=system,ou=node";
+       public final static String ROLE_ANONYMOUS = "cn=anonymous,ou=system,ou=node";
 
        // RESERVED USERNAMES
        public final static String USERNAME_ADMIN = "root";
        public final static String USERNAME_DEMO = "demo";
+       @Deprecated
        public final static String USERNAME_ANONYMOUS = "anonymous";
 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi