If the 2003 domain is using Active Directory (which, I think, is always the case), then LDAP is probably your best bet since Active Directory is LDAP compatible and the corresponding JAAS login module is delivered in standard with JBoss.
As long as the application is using J2EE standard authentication (JAAS), thent he application code should not have to be changed.
The thing that you need to figure out is where the user/role associations are coming from. 2003 domain do not have the notion of a role (just groups). You have to figure out if extra LDAP attributes must be created in your LDAP (Active Directory) to add the role or if you want to use the groups as roles, or something else.
One you figured that out, depending of the answer, the default LDAP JAAS login module might just work for you or you might have to add your own code.
For the configuration, there are enough post in this forum to help you with the settings. The JBoss PDF manual are also a very good starting points.
Thomas