This is what I got thru the internet search: A security realm is a mechanism used for protecting Web application resources. It gives you the ability to protect a resource with a defined security constraint and then define the user roles that can access the protected resource.It provides a mechanism by which a collection of usernames, passwords, and their associated roles can be integrated into an application. So basically the operational environment server has realms probably for each department which describes the users and roles in that department. So u can hook a realm to an EJB container and the container queries the realm for authentication.
Sudhir V<br />(SCJP 1.2, SCWCD, OCA, SCBCD)
posted 16 years ago
Thanks! But what's the one pricipal realm and multiple realms, what's the diff?
That's how I understand the one/multiple realm stuff: Multiple realms can exist in a single environment. Each realm has probably different users and roles. EJB requires only one realm support for container/server at a time - so if the first realm has a user A with a role 'king' and the second realm a user B with a role 'queen', it's not mandatory for EJB container/server to be able to plug the EJB application in such a way that it supports both realms and thus both users and roles (B->'queen' and A->'king').
I've been selected to go to the moon! All thanks to this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop