To administer security realms via the Geronimo Administration Console the Security Realms portlet is available on the Console Navigation menu on the left hand side. This portlet allows you to add a new security realm or edit an existing one. To remove realms you would normally use the command line option with the Deployer tool.
When you create a new realm you will have to choose from the following realm types available:
- Certificate Properties File realm
- Database (SQL) realm
- LDAP realm
- Properties File realm
- Kerberos realm
Other than the four available options which you can choose from Administration Console, you can also create your custom realm type when none of the above fits your business needs. This requires creating your own implementation of class org.apache.geronimo.security.realm.providers
, which implements the javax.security.auth.spi.LoginModule
interface.
If you defined your own security realm and plan to use it within your application, you must define a dependency to the security realm in the deployment plan file.