What Is a Realm


The following sections provide more information on realms, users, groups, and roles.
What Is a Realm?

For a web application, a realm is a complete database of users and groups that identify valid users
of a web application (or a set of web applications) and are controlled by the same authentication
policy.

The Java EE server authentication service can govern users in multiple realms. In this release of
the Application Server, the file, admin-realm, and certificate realms come preconfigured
for the Application Server.

In the file realm, the server stores user credentials locally in a file named keyfile. You can use
the Admin Console to manage users in the file realm.

When using the file realm, the server authentication service verifies user identity by checking
the file realm. This realm is used for the authentication of all clients except for web browser
clients that use the HTTPS protocol and certificates.

[FIGURE 28-6 Mapping Roles to Users and Groups. The figure shows three steps: create users and/or groups; define roles in application; map roles to users and/or groups.]

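
The three steps in the figure, written out as deployment descriptor fragments for a web application that authenticates against the file realm. This is an added example, not part of the original tutorial text: the role, user, group, and URL names are constructed, and the elements are the standard web.xml and sun-web.xml ones.

```xml
<!-- Step 1 (create users and/or groups) happens in the server, not in the
     application: users are added to the file realm, e.g. with the Admin Console.
     Constructed sample values: user "alice", group "payroll-staff". -->

<!-- Step 2: WEB-INF/web.xml (fragment): define the role and what it protects -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Payroll pages</web-resource-name>
    <url-pattern>/payroll/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>payroll-admin</role-name>
  </auth-constraint>
  <!-- BASIC sends the password with every request, so require TLS -->
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <!-- Must name a realm configured on the server; "file" is preconfigured -->
  <realm-name>file</realm-name>
</login-config>
<security-role>
  <role-name>payroll-admin</role-name>
</security-role>

<!-- Step 3: WEB-INF/sun-web.xml (fragment): map the role to realm users/groups -->
<sun-web-app>
  <security-role-mapping>
    <role-name>payroll-admin</role-name>
    <principal-name>alice</principal-name>
    <group-name>payroll-staff</group-name>
  </security-role-mapping>
</sun-web-app>
```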
Working with Realms, Users, Groups, and Roles
Chapter 28 · Introduction to Security in the Java EE Platform