This article describes how to replace the default properties realm, geronimo-admin, with a SQL or LDAP realm in v2.1.

By default, Geronimo uses a properties realm named geronimo-admin for authentication. This realm is used by the JMX server, Admin Console, Online-deploy and the MEJB application. However, you may not want to use it in production. Instead, you can use a database (SQL) or LDAP realm in a production environment. To replace the default realm, do the following:

  1. Deploy a new realm with the realm name geronimo-admin, either from the Admin Console or from the command line. Refer to Administering security realms for how to create a SQL or LDAP realm using the Admin Console. When this is done, a new realm is created with the plugin id console.realm/geronimo-admin/1.0/car. At the same time, a new line like the following is added to var/config/config.xml under the Geronimo installation directory:
         <module name="console.realm/geronimo-admin/1.0/car"/>
      
  2. With the server stopped, locate org.apache.geronimo.framework/server-security-config/2.1/car in config.xml and disable the default realm. The updated config.xml will look like this:
         ...
         <module name="org.apache.geronimo.framework/server-security-config/2.1/car">
               <gbean name="geronimo-admin" load="false"/>
         </module>
         ...
      
  3. Restart the server and test with the new user ID and password instead of the defaults, system and manager. You should be able to log in to the Admin Console successfully.
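
The following script is an added example, not part of the original article or of Geronimo. It parses var/config/config.xml and reports whether steps 1 and 2 are both in place, so that the default realm is not left active alongside its replacement. The `<attributes>` root element in the constructed sample and the treatment of a module-level load="false" are assumptions.

```python
import sys
import xml.etree.ElementTree as ET

DEFAULT_MODULE = "org.apache.geronimo.framework/server-security-config/2.1/car"
NEW_MODULE = "console.realm/geronimo-admin/1.0/car"
REALM_GBEAN = "geronimo-admin"

# Constructed sample: config.xml after step 1 only (default realm still active).
SAMPLE_STEP1_ONLY = """<attributes>
  <module name="org.apache.geronimo.framework/server-security-config/2.1/car"/>
  <module name="console.realm/geronimo-admin/1.0/car"/>
</attributes>"""


def _local(tag):
    # Drop any "{namespace}" prefix so the check does not depend on the xmlns value.
    return tag.rsplit("}", 1)[-1]


def _disabled(elem):
    return elem.get("load", "true").strip().lower() == "false"


def check_realm_config(xml_text):
    """Return a list of findings; an empty list means steps 1 and 2 are both in place."""
    root = ET.fromstring(xml_text)
    modules = {m.get("name"): m for m in root.iter() if _local(m.tag) == "module"}
    findings = []

    new = modules.get(NEW_MODULE)
    if new is None or _disabled(new):
        findings.append("replacement realm module is missing or not loaded: " + NEW_MODULE)

    default = modules.get(DEFAULT_MODULE)
    if default is None:
        findings.append("no entry for " + DEFAULT_MODULE + "; cannot confirm step 2")
    elif not _disabled(default):
        # Assumption: a module-level load="false" also keeps the realm GBean from starting.
        realm = [g for g in default if _local(g.tag) == "gbean" and g.get("name") == REALM_GBEAN]
        if not realm or not all(_disabled(g) for g in realm):
            findings.append("default properties realm is still loaded: " + REALM_GBEAN)
    return findings


if __name__ == "__main__":
    # With no argument, run against the constructed sample above.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_STEP1_ONLY
    for problem in check_realm_config(text):
        print("FINDING:", problem)
```

Run it with the path to config.xml as the only argument while the server is stopped, before the restart in step 3.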