Child pages
  • Replace default realm with others
Skip to end of metadata
Go to start of metadata

This article is about how to replace default properties realm geronimo-admin with SQL or LDAP realms in v2.1.

By default, Geronimo is using a properties realm for authentication named geronimo-admin, which is used by JMX server, Admin Console, Online-deploy and MEJB application. However, you may not want to use it for production use. Alternatively, you can use database(SQL) or LDAP realms in a production environment. To replace the default realm, you must do the following:

  1. Deploy a new realm with realm-name geronimo-admin either from the Admin console or using command line. Refer to Administering security realms for how to create a SQL or LDAP realm using the Admin Console. When it's done, a new realm is created with plugin id console.realm/geronimo-admin/1.0/car. At the mean time, a new line is added into var/config/config.xml under Geronimo installation directory like
         <module name="console.realm/geronimo-admin/1.0/car"/>
      
  2. Locate org.apache.geronimo.framework/server-security-config/2.1/car in config.xml when the server is stopped and disable the default realm. The updated config.xml will be looked like this
         ...
         <module name="org.apache.geronimo.framework/server-security-config/2.1/car">
               <gbean name="geronimo-admin" load="false"/>
         </modoule>
         ...
      
  3. Restart the server and test with new userid and password instead of default system and manager. You can successfully log into the Admin console.
  • No labels