<security-domain name="Clarety" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module name="Clarety" code="AdvancedLdap" flag="optional">
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="java.naming.security.protocol" value="ssl"/>
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="LDAP:/>
<module-option name="java.naming.referral" value="follow"/>
<module-option name="bindDN" value="JB_SVRADM@AD.TRS.STATE.TX.US"/>
<module-option name="bindCredential" value="${VAULT::TST4::InternalLDAPLoginPassword::1}"/>
<module-option name="baseCtxDN" value="DC=ad,DC=trs,DC=state,DC=tx,DC=us"/>
<module-option name="rolesCtxDN" value="DC=ad,DC=trs,DC=state,DC=tx,DC=us"/>
<module-option name="baseFilter" value="(sAMAccountName={0})"/>
<module-option name="roleAttributeID" value="memberOf"/>
<module-option name="roleAttributeIsDN" value="true"/>
<module-option name="roleNameAttributeID" value="cn"/>
<module-option name="recurseRoles" value="true"/>
<module-option name="searchScope" value="SUBTREE_SCOPE"/>
<module-option name="allowEmptyPassword" value="false"/>
</login-module>
<login-module name="SelfService" code="LdapExtended" flag="optional">
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="java.naming.security.protocol" value="ssl"/>
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="LDAP:/>
<module-option name="java.naming.referral" value="follow"/>
<module-option name="bindDN" value="JB_SVRADM@AD.TRS.STATE.TX.US"/>
<module-option name="bindCredential" value="${VAULT::TST4::ExternalLDAPLoginPassword::1}"/>
<module-option name="baseCtxDN" value="DC=ad,DC=trs,DC=state,DC=tx,DC=us"/>
<module-option name="rolesCtxDN" value="DC=ad,DC=trs,DC=state,DC=tx,DC=us"/>
<module-option name="baseFilter" value="(sAMAccountName={0})"/>
<module-option name="roleFilter" value="(sAMAccountName={0})"/>
<module-option name="roleAttributeID" value="memberOf"/>
<module-option name="roleAttributeIsDN" value="true"/>
<module-option name="roleNameAttributeID" value="cn"/>
<module-option name="roleRecursion" value="true"/>
<module-option name="searchScope" value="SUBTREE_SCOPE"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="throwValidateError" value="true"/>
</login-module>
<login-module name="RoleMapping" code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="rolesProperties"
value="file:/>
<module-option name="replaceRole" value="false"/>
</login-module>
</authentication>
</security-domain>