We presently come with an Apache/Tomcat (5.5) application running and we are while using LDAP authentication feature (by setting up the realm) against a multi domain structure and it is working great. One factor we wish to do is limit use of customers according to their membership on the specific group in AD. Essentially, only customers of GroupA is going to be alowed to gain access to the application. I am wondering if it configuration can be done. If that's the case, are you able to point me within the right direction? Thanks ahead of time.

In my opinion you are able to make this happen using the mod_authnz_ldap module in apache: