Originally posted by Kshitij Ktambe:
Can anybody give me a one sentence definition of a principal realm?
A principal realm is some vendor-specific 'mechanism' by which you tell the container how to assign Principals to users or groups. For instance, you can have the container validate users against a database or an LDAP server. Let's take JBoss, for instance: it comes with, among others, a security realm by which you can have your application server authenticate logged-in users against a database, and then assign users to groups and roles. This is necessary for the EJB Container because, in case security has been set (or used) for an EJB, the Container needs to know the 'principal' who invoked a certain method.
Sorry if this is not a 'one sentence' answer, but I needed more than one sentence to explain myself.
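
The database-backed realm described in the answer above, sketched as an added example that is not part of the original post. It assumes the legacy JBoss AS `login-config.xml` format and its `DatabaseServerLoginModule`; the policy name, datasource JNDI name, and the table and column names are hypothetical.

```xml
<!-- conf/login-config.xml: defines the realm ("security domain" in JBoss terms) -->
<policy>
  <!-- "example-db-realm" is a hypothetical name chosen for this sketch -->
  <application-policy name="example-db-realm">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
                    flag="required">
        <!-- Datasource holding the user store (hypothetical JNDI name) -->
        <module-option name="dsJndiName">java:/ExampleDS</module-option>

        <!-- Step 1: authenticate. Returns the stored credential for the
             user name supplied at login (hypothetical table/columns). -->
        <module-option name="principalsQuery">
          SELECT passwd FROM users WHERE username = ?
        </module-option>

        <!-- Step 2: assign roles. The second column must be the literal
             role group 'Roles' for the container to use the rows in
             declarative security checks. -->
        <module-option name="rolesQuery">
          SELECT role, 'Roles' FROM user_roles WHERE username = ?
        </module-option>

        <!-- Compare against a stored digest instead of clear text -->
        <module-option name="hashAlgorithm">SHA-256</module-option>
        <module-option name="hashEncoding">base64</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>

<!-- META-INF/jboss.xml of the EJB jar: binds the beans to that realm, so the
     container knows which Principal invoked a secured method -->
<jboss>
  <security-domain>java:/jaas/example-db-realm</security-domain>
</jboss>
```

With this binding in place, the roles returned by `rolesQuery` are what the container checks against the `method-permission` entries in `ejb-jar.xml`, and the authenticated user is what `EJBContext.getCallerPrincipal()` returns inside the bean.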