• The second method is to implement your own implementation of the
ment javax.security.auth.message.config.ServerAuthConfig ,
javax.security.auth.message.config.ServerAuthContext , and
terfaces. For those who are thrilled about the adventure, you will find all
the necessary information in this blog: http://arjan-tijms.blogspot.com/2012/
Creating a realm
We will tell the GlassFish server where all the associated users and groups that can
access the secure sections of our application are stored. In other words, we will con-
figure the realm of our application.
For your information, GlassFish provides the ability to define several types of realms.
They are listed as follows:
• The file realm, for storing user information in files. This is the default realm.
• The ldap realm, for storage in an LDAP directory server.
• The jdbc realm, for storing in a database.
• The solaris realm, for authentication management based on Solaris user-
name and password.
• The certificate realm, for authentication management using certificates.
• And if none of these realms satisfy your need, don't worry; GlassFish offers
the possibility of creating your own realm.
In our case, we opt for the jdbc realm; we need a database structure to store the
necessary information (the user name, its password, and the group to which it be-
longs). The following screenshot shows the structure of tables in which our informa-
tion is stored: