This is what I got thru the internet search:
A security realm is a mechanism used for protecting Web application resources. It gives you the ability to protect a resource with a defined security constraint and then define the user roles that can access the protected resource.It provides a mechanism by which a collection of usernames, passwords, and their associated roles can be integrated into an application.
So basically the operational environment server has realms probably for each department which describes the users and roles in that department. So u can hook a realm to an
EJB container and the container queries the realm for authentication.
Sudhir V<br />(SCJP 1.2, SCWCD, OCA, SCBCD)