I'm trying to secure my jboss jmx-console with Ldap authentication.
in my login-config.xml :
<application-policy name = "jmx-console"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option> <module-option name="java.naming.provider.url">ldap://10.1.1.11:389</module-option> <module-option name="java.naming.security.authentication">simple</module-option> <module-option name="principalDNPrefix">uid=</module-option> <module-option name="principalDNSuffix">,ou=People,dc=mycompany,dc=com</module-option> <module-option name="matchOnUserDN">true</module-option> <!-- Don't have to worry about roles yet! --> <!--module-option name="rolesCtxDN">doLater</module-option> <module-option name="uidAttributeID">member</module-option> <module-option name="roleAttributeID">cn</module-option> <module-option name="hashAlgorithm">MD5</module-option--> </login-module> </authentication> </application-policy>