Hi,
I'd like to use LDAP for login. How does a security-domain work with LDAP?
What replaces the login-config.xml that was used up to AS 6? I'd like to use LDAP for authentication.
This is how I did it in AS 6:
<!-- JAAS application policy "ActiveDirectory": authenticates users against the directory with
     LdapExtLoginModule (required), then runs RoleMappingLoginModule (optional) on the resulting roles. -->
<application-policy name="ActiveDirectory">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
<!-- Some AD configurations may require searching against the Global Catalog on port 3268 instead of the usual port 389.
This is most likely when the AD forest includes multiple domains. -->
<!-- NOTE(review): the URL below uses port 3168, while the comment above names the Global Catalog
     port 3268. Confirm which port is intended.
     Security: this is plain ldap:// with "simple" authentication, so the bind password and each
     user's password cross the network unencrypted unless the connection is protected some other
     way. Prefer ldaps:// (or StartTLS) with server certificate validation. -->
<module-option name="java.naming.provider.url">ldap://xy.ch:3168</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<!-- Service account used for the directory searches. Its password is stored here in clear text:
     restrict read access to this file, give the account read-only directory rights, and consider
     the server's password-masking support instead of a literal value. -->
<module-option name="bindDN">ad\ab</module-option>
<module-option name="bindCredential">xy</module-option>
<!-- User lookup: search under baseCtxDN for the entry whose sAMAccountName equals the
     login name, which is substituted for {0}. -->
<module-option name="baseCtxDN">dc=ad,dc=bls,dc=ch</module-option>
<module-option name="baseFilter">(sAMAccountName={0})</module-option>
<!-- Role lookup: search under rolesCtxDN for entries whose member attribute holds the
     authenticated user's DN, which is substituted for {1}. With roleAttributeIsDN=true the role
     attribute is treated as a DN and the role name is read from that entry's "name" attribute.
     NOTE(review): roleAttributeID is not set here; confirm which attribute supplies the role DN. -->
<module-option name="rolesCtxDN">dc=ad,dc=bls,dc=ch</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="roleAttributeIsDN">true</module-option>
<module-option name="roleNameAttributeID">name</module-option>
</login-module>
<!-- flag="optional": a failure of this module does not fail the login, so users may end up with
     unmapped directory role names. The mapping comes from props/rolesMapping-roles.properties;
     presumably it decides which application roles a directory group receives, so review and
     protect that file like any other access-control data. -->
<login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
<module-option name="rolesProperties">props/rolesMapping-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
Thanks,
Simon