3.2.4. LDAP Security Realm Changes
3.2.4.1. Configure LDAP Security Realm Changes
In JBoss Enterprise Application Platform 5, the LDAP security realm was configured in an
<application-policy> element in the login-config.xml file. In JBoss Enterprise Application Platform 6, the LDAP security realm is configured in the <security-domain> element in the server configuration file. For a standalone server, this is the standalone/configuration/standalone.xml file. If you are running your server in a managed domain, this is the domain/configuration/domain.xml file.
The following is an example of LDAP security realm configuration in the
login-config.xml file in JBoss Enterprise Application Platform 5:
<application-policy name="mcp_ldap_domain">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
....
</login-module>
</authentication>
</application-policy>
This is an example of the LDAP configuration in the server configuration file in JBoss Enterprise Application Platform 6:
<subsystem xmlns="urn:jboss:domain:security:1.0">
<security-domains>
<security-domain name="mcp_ldap_domain" type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory">
<module-option name="java.naming.security.authentication" value="simple">
...
</module-option>
</module-option>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
Note
The XML parser changed in JBoss Enterprise Application Platform 6. In JBoss Enterprise Application Platform 5, you specified the module options as element content like this:
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>Now, the module options must be specified as element attributes with "value=" as follows:
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
