geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: what is relation between a security-realm-name and a credential-store?
Date Mon, 05 Apr 2010 18:17:49 GMT

On Apr 5, 2010, at 10:41 AM, Sarah.kho wrote:

> 
> Hi,
> 
> Can you please let me know what is the relation between security-realm-name

a security realm is a way to go from credentials to a complete Subject that can be used for
authorization.  It has a name to identify it.

> and a credential-store which we can use in the geronimo-web.xml?

In Geronimo, all Subjects come from a security realm.  Therefore if you want a default subject
or a subject for a role to use in a run-as-role, you need some credentials to supply to the
security realm to get the subject out.  These are held in a credential store.  If you don't
want unauthenticated users to have any roles and you don't use run-as roles you don't need
a credential store.

thanks
dsvid jencks

> 
> thanks.
> -- 
> View this message in context: http://n3.nabble.com/what-is-relation-between-a-security-realm-name-and-a-credential-store-tp698302p698302.html
> Sent from the Users mailing list archive at Nabble.com.


Mime
View raw message