Replacing default Realm in Geronimo has been created by Runhua Chi (Jun 02, 2009).


This article is about how to replace default properties realm geronimo-admin with SQL or LDAP realms.

By default, Geronimo is using a properties realm for authentication named geronimo-admin, which is used by JMX server, Admin Console, Online-deploy and MEJB application. However, you may not want to use it for production use. Alternatively, you can use database(SQL) or LDAP realms in a production environment. To replace the default realm, you must do the following:

  1. Deploy a new realm with real-name geronimo-admin either from the Admin console or using command line. Refer to Administering security realms for how to create a SQL or LDAP realm using the Admin Console. When it's done, a new realm is created with plugin id console.realm/geronimo-admin/1.0/car. At the mean time, a new line is added into var/config/config.xml under Geronimo installation directory like
    <module name="console.realm/geronimo-admin/1.0/car"/>
  2. Locate org.apache.geronimo.framework/server-security-config/2.2/car in config.xml when the server is stopped and disable the default realm. The updated config.xml will be looked like this
         <module name="org.apache.geronimo.framework/server-security-config/2.2/car">
               <gbean name="geronimo-admin" load="false"/>
  3. Restart the server and test with new userid and password instead of default system and manager. You can successfully log into the Admin console.

Powered by Atlassian Confluence (Version: 2.2.9 Build:#527 Sep 07, 2006) - Bug/feature request

Unsubscribe or edit your notifications preferences