hi,
i configured an application policy and i want to allow only users from group
cn=portalrrhh,ou=Groups,dc=example.com,dc=global
this is the test i did with jmx-console:
<application-policy name="jmx-console"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" > <module-option name="java.naming.provider.url">ldap://example.com:389</module-option> <module-option name="baseCtxDN">ou=Users,dc=example.com,dc=global</module-option> <module-option name="baseFilter">(uid={0})</module-option> <module-option name="rolesCtxDN">cn=portalrrhh,ou=Groups,dc=example.com,dc=global</module-option> <module-option name="roleFilter">(memberUid={0})</module-option> <module-option name="roleAttributeIsDN">false</module-option> <module-option name="roleNameAttributeID">cn</module-option> <module-option name="roleRecursion">0</module-option> <module-option name="searchScope">ONELEVEL_SCOPE</module-option> </login-module> </authentication> </application-policy>