Moises Jardim Pinheiro [https://community.jboss.org/people/jardimpinheiro] created the discussion "Re: Ldap configuration"
To view the discussion, visit:
https://community.jboss.org/message/829793#829793
--------------------------------------------------------------
I achieved it :-)
This article was helpful:
http://middlewaremagic.com/jboss/?p=378
The JBoss version tested was jboss-as-7.1.1.Final.
In web.xml I put * in the role-name tag to grant access to all groups.
<security-role>
  <role-name>*</role-name>
</security-role>
And in the auth-method tag I put BASIC (user/pass from the browser's window) instead of FORM.
<login-config>
  <auth-method>BASIC</auth-method>
</login-config>
In standalone.xml:
<subsystem xmlns="urn:jboss:domain:security:1.1">
  <security-domains>
    <security-domain name="other" cache-type="default">
      <authentication>
        <login-module code="Disabled" flag="required"/>
      </authentication>
    </security-domain>
    <security-domain name="test_ldap_security_domain">
      <authentication>
        <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
          <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
          <module-option name="java.naming.provider.url" value="ldap://server:389"/>
          <!-- Account the module binds as to search for users and roles -->
          <module-option name="bindDN" value="cn=company,cn=test,dc=com,dc=br"/>
          <module-option name="bindCredential" value="my_ad_pass"/>
          <!-- Where and how to find the user entry; {0} is the login name -->
          <module-option name="baseCtxDN" value="cn=test,dc=com,dc=br"/>
          <module-option name="baseFilter" value="(uid={0})"/>
          <!-- Where and how to find the user's roles -->
          <module-option name="rolesCtxDN" value="cn=Roles,cn=test,dc=com,dc=br"/>
          <module-option name="roleFilter" value="(userPrincipalName={0})"/>
          <module-option name="roleAttributeID" value="name"/>
          <module-option name="roleNameAttributeID" value="cn"/>
          <module-option name="roleAttributeIsDN" value="true"/>
          <!-- Reject empty passwords: some LDAP servers treat them as an anonymous bind -->
          <module-option name="allowEmptyPasswords" value="false"/>
          <module-option name="Context.REFERRAL" value="follow"/>
          <module-option name="throwValidateError" value="true"/>
          <module-option name="searchScope" value="SUBTREE_SCOPE"/>
        </login-module>
        <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
          <module-option name="rolesProperties" value="../standalone/configuration/test-roles.properties"/>
          <module-option name="replaceRole" value="false"/>
        </login-module>
      </authentication>
    </security-domain>
  </security-domains>
</subsystem>
--------------------------------------------------------------
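Added example, not part of the original post or of JBoss: a small Python check that flags LdapExtLoginModule settings worth reviewing before production use (a cleartext ldap:// provider URL, a literal bindCredential instead of a vault reference, empty passwords allowed, an option declared more than once). The sample XML is constructed and the function name audit_ldap_login_module is hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample for illustration (not the poster's configuration).
SAMPLE = """
<security-domain name="example_ldap_domain">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.provider.url" value="ldap://server:389"/>
      <module-option name="bindCredential" value="constructed_secret"/>
      <module-option name="allowEmptyPasswords" value="false"/>
      <module-option name="allowEmptyPasswords" value="true"/>
    </login-module>
    <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional"/>
  </authentication>
</security-domain>
"""

def local(tag):
    """Strip an XML namespace so the check works inside standalone.xml too."""
    return tag.rsplit("}", 1)[-1]

def audit_ldap_login_module(xml_text):
    """Return sorted finding codes for every LdapExtLoginModule in xml_text."""
    findings = set()
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "login-module" or not el.get("code", "").endswith("LdapExtLoginModule"):
            continue
        opts = defaultdict(list)
        for child in el:
            if local(child.tag) == "module-option":
                opts[child.get("name")].append(child.get("value", ""))
        for name, values in opts.items():
            if len(values) > 1:
                findings.add("duplicate-option:" + name)
        # Bind DN, bind password and user passwords cross the wire unencrypted.
        if any(v.lower().startswith("ldap://") for v in opts["java.naming.provider.url"]):
            findings.add("cleartext-ldap-url")
        # AS 7 can resolve the value from the password vault instead of a literal.
        if any(not v.startswith("${VAULT::") for v in opts["bindCredential"]):
            findings.add("plaintext-bind-credential")
        # An empty password can be treated by the directory as an anonymous bind.
        if any(v.strip().lower() == "true" for v in opts["allowEmptyPasswords"]):
            findings.add("empty-passwords-allowed")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_ldap_login_module(SAMPLE):
        print(finding)
```

To check a real server, pass the text of standalone.xml to the function; the namespace on the subsystem element is handled by local().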