Configuration options for XACML Policy Locators using LDAP
Configuration  The following options are configurable: url - The LDAP server URL to connect to factory - The JNDI factory that is JDK specific such as "com.sun.jndi.ldap.LdapCtxFactory" username - The username to connect to the LDAP server. This user must have search privileges password - The password of the user to connect to the LDAP server filter - The search filter to be used to find the entries that have a policy attribute - The name of the entry's attribute containing the XACML policy in the xml format searchScope - Scope of the search for entries. Default is SUBTREE searchTimeLimit - Search time limit. Default is 10000 (10 seconds)   The password value can be masked using PBE. To create a masked password invoke  org.jboss.security.xacml.util.PBEUtils salt iterationCount password  When using a masked password add also the options  salt - the 8 character String iterationCount - an integer  Those options must have the same value used for encryption.