why form based authentication does not specify realm
posted 10 years ago
Not following at all. Both basic and form authentication are specified in the web.xml file, which has no concept of realms. I'm only familiar with Tomcat, where you specify realms in the server.xml file, which is independent of any actual method of authentication you might want to use. Can you clarify where you see the difference between basic auth and form auth?