3.2.6. LDAP Security Realm Changes
3.2.6.1. Configure LDAP Security Realm Changes
In JBoss EAP 5, the LDAP security realm was configured in an
<application-policy>
element in the login-config.xml
file. In JBoss EAP 6, the LDAP security realm is configured in the <security-domain>
element in the server configuration file. For a standalone server, this is the standalone/configuration/standalone.xml
file. If you are running your server in a managed domain, this is the domain/configuration/domain.xml
file.
The following is an example of LDAP security realm configuration in the
login-config.xml
file in JBoss EAP 5:
<application-policy name="mcp_ldap_domain"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required"> <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option> <module-option name="java.naming.security.authentication">simple</module-option> .... </login-module> </authentication> </application-policy>
This is an example of the LDAP configuration in the server configuration file in JBoss EAP 6:
<subsystem xmlns="urn:jboss:domain:security:1.0"> <security-domains> <security-domain name="mcp_ldap_domain" cache-type="default"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/> <module-option name="java.naming.security.authentication" value="simple"/> ... </login-module> </authentication> </security-domain> </security-domains> </subsystem>
Note
The XML parser changed in JBoss EAP 6. In JBoss EAP 5, you specified the module options as element content like this:
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>Now, the module options must be specified as element attributes with "value=" as follows:
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>