Java Reference
In-Depth Information
<glassfish-web-app error-url=""
httpservlet-security-provider="AuthModule1">
<class-loader delegate="true"/>
</glassfish-web-app>
• The second method is to implement your own implementation of the
AuthConfigProvider
interface.Therefore,inthiscase,youneedtoimple-
ment
javax.security.auth.message.config.ServerAuthConfig
,
javax.security.auth.message.config.ServerAuthContext
, and
javax.security.auth.message.config.AuthConfigProvider
in-
terfaces. For those who are thrilled about the adventure, you will find all
the necessary information in this blog:
http://arjan-tijms.blogspot.com/2012/
Creating a realm
We will tell the GlassFish server where all the associated users and groups that can
access the secure sections of our application are stored. In other words, we will con-
figure the realm of our application.
For your information, GlassFish provides the ability to define several types of realms.
They are listed as follows:
• The
file
realm, for storing user information in files. This is the default realm.
• The
ldap
realm, for storage in an LDAP directory server.
• The
jdbc
realm, for storing in a database.
• The
solaris
realm, for authentication management based on Solaris user-
name and password.
• The
certificate
realm, for authentication management using certificates.
• And if none of these realms satisfy your need, don't worry; GlassFish offers
the possibility of creating your own realm.
In our case, we opt for the
jdbc
realm; we need a database structure to store the
necessary information (the user name, its password, and the group to which it be-
longs). The following screenshot shows the structure of tables in which our informa-
tion is stored:
