it has two approach:
1-without having password with session.
2-with having password with session.
if you choose 1 ,you could see following sample:
1-create security-domain in jboss/server/default/conf/login-config.xml , for example:
<application-policy name="LdapToActiveDirectory">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required" >
<module-option name="java.naming.provider.url">ldap://opxiAppServer.cc.basamad.acc:389/</module-option>
<module-option name="rolesCtxDN">ou=opxi,dc=cc,dc=basamad,dc=acc</module-option>
<module-option name="matchOnUserDN">false</module-option>
<module-option name="principalDNSuffix">@cc.basamad.acc</module-option>
<module-option name="uidAttributeID">sAMAccountName</module-option>
<module-option name="roleAttributeID">memberOf</module-option>
<module-option name="roleAttributeIsDN">true</module-option>
<module-option name="roleNameAttributeID">name</module-option>
<module-option name="multi-threaded">true</module-option>
</login-module>
</authentication>
</application-policy>
and add this line to ./WEB-INF/jboss-web.xml, for example:
<jboss-web>
<security-domain>java:/jaas/LdapToActiveDirectory</security-domain>
<context-root>/opxi-manager</context-root>
</jboss-web>
and then make your login page, for example:
<form action="j_security_check" method="post">
<input type="text" name="j_username">
<input type="password" name="j_password">
<input type="submit" value="submit it">
</form>
and it is over
but if you wanna 2, you should implement loginModule for login to your system.