How to migrate JAAS security domain to WildFly 16 Elytron model?

Here is the security domain:

<security-domain name="appLDAP" cache-type="default">

                        <authentication>

                            <login-module name="KeyLoginModule" code="org.app.security.auth.AppLoginModule" flag="required" module="com.app.configuration">

                                <module-option name="principalDNPrefix" value="uid"/>

                                <module-option name="principalDNSuffix" value="ou=people,dc=app,dc=com"/>

                                <module-option name="rolesCtxDN" value="ou=groups,dc=app,dc=com"/>

                                <module-option name="roleAttributeID" value="cn"/>

                                <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>

                                <module-option name="java.naming.provider.url" value="ldaps://localhost:636"/>

                            </login-module>

                            <login-module name="ClientLoginModule" code="org.jboss.security.ClientLoginModule" flag="required">

                                <module-option name="restore-login-identity" value="true"/>

                            </login-module>

                        </authentication>

</security-domain>

Here is the realm:

<security-realm name="SSLRealm">

                <server-identities>

                    <ssl>

                        <keystore provider="PKCS12" path="webserver.p12" relative-to="jboss.domain.config.dir" keystore-password="****"/>

                    </ssl>

                </server-identities>

                <authentication>

                    <jaas name="appLDAP"/>

                </authentication>

            </security-realm>

</security-realm>