Introduce system roles

[lgpl/argeo-commons.git] / org.argeo.util / src / org / argeo / osgi / useradmin / IpaUtils.java

diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/IpaUtils.java b/org.argeo.util/src/org/argeo/osgi/useradmin/IpaUtils.java
index d56c06ac0964b8295fcfc655c4dc15ba0cf478a6..076f26949c49b0ca6f20dfc9cef8dc06093c9818 100644 (file)
--- a/org.argeo.util/src/org/argeo/osgi/useradmin/IpaUtils.java
+++ b/org.argeo.util/src/org/argeo/osgi/useradmin/IpaUtils.java
@@ -13,13 +13,14 @@ import javax.naming.InvalidNameException;
 import javax.naming.NamingException;
 import javax.naming.ldap.LdapName;
 
-import org.argeo.naming.DnsBrowser;
-import org.argeo.naming.LdapAttrs;
+import org.argeo.util.naming.DnsBrowser;
+import org.argeo.util.naming.LdapAttrs;
 
 /** Free IPA specific conventions. */
 public class IpaUtils {
        public final static String IPA_USER_BASE = "cn=users,cn=accounts";
        public final static String IPA_GROUP_BASE = "cn=groups,cn=accounts";
+       public final static String IPA_ROLE_BASE = "cn=roles,cn=accounts";
        public final static String IPA_SERVICE_BASE = "cn=services,cn=accounts";
 
        private final static String KRB_PRINCIPAL_NAME = LdapAttrs.krbPrincipalName.name().toLowerCase();
@@ -37,6 +38,7 @@ public class IpaUtils {
                properties.put(UserAdminConf.realm.name(), realm);
                properties.put(UserAdminConf.userBase.name(), IPA_USER_BASE);
                properties.put(UserAdminConf.groupBase.name(), IPA_GROUP_BASE);
+               properties.put(UserAdminConf.systemRoleBase.name(), IPA_ROLE_BASE);
                properties.put(UserAdminConf.readOnly.name(), Boolean.TRUE.toString());
        }