Understanding Users, Groups, Roles, and Realms

In the JDBC realm, the server gets user credentials from a database. The Enterprise Server uses the database information and the enabled JDBC realm option in the configuration file. For digest authentication, a JDBC realm should be created with jdbcDigestRealm as the JAAS context.

In the solaris realm the server gets user credentials from the Solaris operating system. This realm is supported on the Solaris 9 OS and later. Consult your Solaris documentation for information on managing users and groups in the solaris realm.

A custom realm is any other repository of user credentials, such as a relational database or third-party component. For more information, see the Admin Console online help.

To Configure a JDBC Realm for a Web, EJB Application

The Enterprise Server enables you to specify a user's credentials in the JDBC realm instead of in the connection pool. Using the JDBC realm instead of the connection pool prevents other applications from browsing the database tables for the user's credentials. A user's credentials are the user's name and password.

Note – By default, storage of passwords as clear text is not supported in the JDBC realm. Under normal circumstances, passwords should not be stored as clear text.

1Create the database tables in which to store the users' credentials for the realm.

How to create the database tables depends on the database that you are using.

2Add the users' credentials to the database tables that you created in Step 1.

How to add users' credentials to the database tables depends on the database that you are using.

3Create a JDBC realm.

Use the Admin Console GUI for this purpose. For instructions for creating a JDBC realm, see the online help for the Admin Console GUI.

4Specify the realm that you created in Step 3 as the realm for the application.

To specify the realm, modify the appropriate deployment descriptor for your application:

For an enterprise application in an Enterprise Archive (EAR) file, modify the sun-application.xmlfile.

For a web application in a Web Application Archive (WAR) file, modify theweb.xml file.

For an enterprise bean in an EJB JAR file, modify thesun-ejb-jar.xmlfile.

For more information about how to specify a realm, see “How to Set a Realm for an Application or Module” in Sun GlassFish Enterprise Server 2.1 Developer’s Guide.

Chapter 9 • Configuring Security

107

Page 106 Page 108
Page 107
Image 107
Sun Microsystems 820433510 manual To Configure a Jdbc Realm for a Web, EJB Application, Create a Jdbc realm
Page 106 Page 108
Top Page Image Contents