brms.ldif
# Sample directory tree for the BRMS LDAP login example: one organization
# entry, a People branch holding three users, and a Roles branch holding two
# groupOfNames entries. Entries are separated by a blank line and each parent
# is listed before its children.

dn: o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: organization
o: brms

dn: ou=People,o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: organizationalUnit
ou: People

# NOTE(review): each userPassword below is stored in cleartext and is identical
# to the uid, including the account that is the only member of the admin role.
# Treat these as throwaway demo values. Before loading this file into a
# directory that anything else can reach, replace them with unique secrets
# stored as salted hashes (for example values generated with the directory
# server's own password-hashing tool).
dn: uid=admin,ou=People,o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: uidObject
objectClass: inetOrgPerson
objectClass: person
uid: admin
cn: admin
sn: admin
userPassword: admin

dn: uid=john,ou=People,o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: uidObject
objectClass: inetOrgPerson
objectClass: person
uid: john
cn: john
sn: john
userPassword: john

dn: uid=mary,ou=People,o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: uidObject
objectClass: inetOrgPerson
objectClass: person
uid: mary
cn: mary
sn: mary
userPassword: mary

dn: ou=Roles,o=brms,dc=my-domain,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Roles

# Role entries: the cn is the role name and each member value is the full DN
# of a user under ou=People. Only uid=admin holds the admin role.
dn: cn=admin,ou=Roles,o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: admin
description: brms admin role
member: uid=admin,ou=People,o=brms,dc=my-domain,dc=com

dn: cn=user,ou=Roles,o=brms,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: user
description: brms user role
member: uid=admin,ou=People,o=brms,dc=my-domain,dc=com
member: uid=john,ou=People,o=brms,dc=my-domain,dc=com
member: uid=mary,ou=People,o=brms,dc=my-domain,dc=com
delete.dn
o=brms,dc=my-domain,dc=com ou=People,o=brms,dc=my-domain,dc=com ou=Roles,o=brms,dc=my-domain,dc=com uid=admin,ou=People,o=brms,dc=my-domain,dc=com uid=john,ou=People,o=brms,dc=my-domain,dc=com uid=mary,ou=People,o=brms,dc=my-domain,dc=com cn=admin,ou=Roles,o=brms,dc=my-domain,dc=com cn=user,ou=Roles,o=brms,dc=my-domain,dc=com
login-config.xml
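<!-- JAAS application policy "brms": authenticates a user by binding to the
     LDAP directory as uid=<login>,ou=People,o=brms,dc=my-domain,dc=com and
     then collects roles from the entries under ou=Roles. -->
<application-policy name="brms">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <!-- Kept on one line so the factory class name carries no leading whitespace. -->
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <!-- NOTE(review): a simple bind over ldap:// sends the user's DN and
           password unencrypted. That is tolerable only while the directory
           runs on localhost as it does here; for a directory on another host
           use an ldaps:// URL or otherwise protect the connection. -->
      <module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <!-- Reject empty passwords in the login module instead of forwarding
           them: some LDAP servers treat a bind with an empty password as an
           anonymous bind and report success. -->
      <module-option name="allowEmptyPasswords">false</module-option>
      <!-- The bind DN is built as prefix + login name + suffix. -->
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">,ou=People,o=brms,dc=my-domain,dc=com</module-option>
      <!-- Roles are the entries under rolesCtxDN whose "member" attribute
           equals the user's full DN (matchOnUserDN=true). -->
      <module-option name="rolesCtxDN">ou=Roles,o=brms,dc=my-domain,dc=com</module-option>
      <module-option name="uidAttributeID">member</module-option>
      <module-option name="matchOnUserDN">true</module-option>
      <!-- The role name is the plain cn value of the matching entry, not a DN. -->
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
    </login-module>
  </authentication>
</application-policy>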
jboss-brms.war/WEB-INF/components.xml
<!-- Seam identity component for the web application. jaas-config-name must
     match the application-policy name in login-config.xml ("brms").
     NOTE(review): authenticate-method is set as well; confirm which of the
     two settings the deployed Seam version honours, so that login really
     goes through the LDAP policy. -->
<security:identity jaas-config-name="brms"
                   authenticate-method="#{authenticator.authenticate}"/>