Show Table of Contents
3.2.6. LDAP Security Realm Changes
3.2.6.1. Configure LDAP Security Realm Changes
In JBoss EAP 5, the LDAP security realm was configured in an
<application-policy> element in the login-config.xml file. In JBoss EAP 6, the LDAP security realm is configured in the <security-domain> element in the server configuration file. For a standalone server, this is the standalone/configuration/standalone.xml file. If you are running your server in a managed domain, this is the domain/configuration/domain.xml file.
The following is an example of LDAP security realm configuration in the
login-config.xml file in JBoss EAP 5:
<application-policy name="mcp_ldap_domain">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
....
</login-module>
</authentication>
</application-policy>
This is an example of the LDAP configuration in the server configuration file in JBoss EAP 6:
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="mcp_ldap_domain" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.security.authentication" value="simple"/>
...
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
Note
The XML parser changed in JBoss EAP 6. In JBoss EAP 5, you specified the module options as element content like this:
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>Now, the module options must be specified as element attributes with "value=" as follows:
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.