| <!-- |
| |
| Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved. |
| |
| This program and the accompanying materials are made available under the |
| terms of the Eclipse Public License v. 2.0, which is available at |
| http://www.eclipse.org/legal/epl-2.0. |
| |
| This Source Code may also be made available under the following Secondary |
| Licenses when the conditions for such availability set forth in the |
| Eclipse Public License v. 2.0 are satisfied: GNU General Public License, |
| version 2 with the GNU Classpath Exception, which is available at |
| https://www.gnu.org/software/classpath/license.html. |
| |
| SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 |
| |
| --> |
| |
| <p><a id="task-createcustomrealm" name="task-createcustomrealm"></a><a id="GHCOM00187" name="GHCOM00187"></a></p> |
| |
| <h4><a id="sthref84" name="sthref84"></a><a id="sthref85" name="sthref85"></a>To Create a Custom Realm</h4> |
| <a name="BEGIN" id="BEGIN"></a> |
| <p>In addition to the three built-in realms, you can also create custom realms that store user data in some other way, such as in a relational database. Development of a custom realm is outside the scope of this document. For more information, see <a href="http://www.oracle.com/pls/topic/lookup?ctx=E26576_01&id=GSDVG00006">Chapter 5, <i>Securing Applications,</i> in <i>Oracle GlassFish Server Application Development Guide</i></a>.</p> |
| <p>For administration purposes, custom realms are implemented by a class (called the <code>LoginModule</code>) derived from the Java Authentication and Authorization Service (JAAS) package.</p> |
| <ol> |
| <li> |
| <p>Follow the procedure in <a href="task-realmnew.html">To Create a Realm</a>, typing the name of the custom realm and the name of the <code>LoginModule</code> class.</p> |
| <p>Use any unique name for the custom realm, for example <code>myCustomRealm</code>.</p> |
| </li> |
| <li> |
| <p>Click OK.</p> |
| </li> |
| <li> |
| <p>Edit the domain's login configuration file, <i>domain-dir</i><code>/config/login.conf</code>, and add the fully qualified class name of the JAAS <code>LoginModule</code> at the end of the file, as follows:</p> |
| <pre> |
| <i>realmName</i> { |
| <i>fully-qualified-LoginModule-classname</i> required; |
| }; |
| </pre> |
| <p>For example,</p> |
| <pre> |
| myCustomRealm { |
| com.foo.bar.security.customrealm.simpleCustomLoginModule required; |
| }; |
| </pre></li> |
| <li> |
| <p>Copy the <code>LoginModule</code> class and all dependent classes into the directory <i>domain-dir</i><code>/lib/classes</code>.</p> |
| </li> |
| <li> |
| <p>Restart the server if Restart Required appears in the Administration Console.</p> |
| </li> |
| <li> |
| <p>Ensure that the realm is properly loaded.</p> |
| <p>Check <i>domain-dir</i><code>/logs/server.log</code> to ensure that the server loaded the realm. The server should invoke the realm's <code>init</code> method.</p> |
| </li> |
| </ol> |
| <a id="GHCOM287" name="GHCOM287"></a> |
| <h5>See Also</h5> |
| <ul> |
| <li> |
| <p><a href="task-realmnew.html">To Create a Realm</a></p> |
| </li> |
| <li> |
| <p><a href="task-realmedit.html">To Edit a Realm</a></p> |
| </li> |
| <li> |
| <p><a href="task-todeleterealm.html">To Delete a Realm</a></p> |
| </li> |
| </ul> |
| |
| |
| |
| <small>Copyright © 2005, 2017, Oracle and/or its affiliates. All rights reserved. <a href="docinfo.html">Legal Notices</a></small> |