Managing Users and Groups
Managing Users and Groups
Some Other Terminology
The following terminology is also used to describe the security requirements of the Java EE
platform:
Principal
: A principal is an entity that can be authenticated by an authentication protocol in
a security service that is deployed in an enterprise. A principal is identified using a principal
name and authenticated using authentication data.
Security policy domain
(also known as security domain or realm): A security policy
domain is a scope over which a common security policy is defined and enforced by the
security administrator of the security service.
Security attributes
: A set of security attributes is associated with every principal. The
security attributes have many uses, for example, access to protected resources and auditing
of users. Security attributes can be associated with a principal by an authentication protocol.
Credential
: A credential contains or references information (security attributes) used to
authenticate a principal for Java EE product services. A principal acquires a credential upon
authentication, or from another principal that allows its credential to be used.
Managing Users and Groups on the Application Server
Managing users on the Application Server is discussed in more detail in the Sun Java System
Application Server 9.1 Administration Guide.
This tutorial provides steps for managing users that will need to be completed to work through
the tutorial examples.
Adding Users to the Application Server
To add users to the Application Server, follow these steps:
1. Start the Application Server if you haven't already done so. Information on starting the
Application Server is available in
2. Start the Admin Console if you haven't already done so. You can start the Admin Console by
starting a web browser and entering the URL http://localhost:4848/asadmin. If you
changed the default Admin port during installation, enter the correct port number in place
of 4848.
3. To log in to the Admin Console, enter the user name and password of a user in the
admin-realm
who belongs to the asadmin group. The name and password entered during
installation will work, as will any users added to this realm and group subsequent to
installation.
4. Expand the Configuration node in the Admin Console tree.
5. Expand the Security node in the Admin Console tree.
6. Expand the Realms node.
Working with Realms, Users, Groups, and Roles
Chapter 28 · Introduction to Security in the Java EE Platform
781
