Realm
For a web application, a realm is a complete database of users and groups that identify valid users of a web application (or a set of web applications) and are controlled by the same authentication policy.
The Java EE server authentication service can govern users in multiple realms. In this release of the Application Server, the file, admin-realm, and certificate realms come preconfigured for the Application Server.
In the file realm, the server stores user credentials locally in a file named keyfile. You can use the Admin Console to manage users in the file realm.
When using the file realm, the server authentication service verifies user identity by checking the file realm. This realm is used for the authentication of all clients except for web browser clients that use the HTTPS protocol and certificates.
In the certificate realm, the server stores user credentials in a certificate database. When using the certificate realm, the server uses certificates with the HTTPS protocol to authenticate web clients. To verify the identity of a user in the certificate realm, the authentication service verifies an X.509 certificate. For step-by-step instructions for creating this type of certificate, see Working with Digital Certificates. The common name field of the X.509 certificate is used as the principal name.
The admin-realm is also a FileRealm and stores administrator user credentials locally in a file named admin-keyfile. You can use the Admin Console to manage users in this realm in the same way you manage users in the file realm. For more information, see Managing Users and Groups on the Application Server.
OpenEdge Supports?
Realm | Description |
JDBC Realm | The
JDBC realm is a user management system built on a database. It reads user, password, group, and Bussiness Process Server specific information from the database. It also provides password encryption |
LDAP | The
LDAP realm employs the LDAP directory service to retrieve user, password, and general group information. Other Business Process Server-specific information is retrieved from the database. LDAP runs over TCP/IP and features a hierarchical structure. Business Process Server supports Sun Java System Directory Server 5.2 and MS Active Directory for Windows 2000. |
LDAP | The
LDAP hybrid realm uses a combination of LDAP realm and Business Process Server database. Typically, the LDAP realm is used for authentication and Business Process Server database is used to store groups related information. |
OERealm | The
OEHybrid realm is a combination of the JDBC realm and the OpenEdge AppServer
based service. Business Process Server (BP Server) supports the single point of authentication (SPA) service using the OEHybrid realm. |
No comments:
Post a Comment