A realm is a credential store that allows you to control access based on identity or role.
What is a kingdom?
For a web application, a realm is a complete database of users and groups that identify the actual users of the web application (or set of web applications) and are controlled by the same authentication policy.
The Java EE Server Authentication Service can manage users in various areas. In this release of the application server, the administration, administration, and certificate domains are preconfigured for the application server.
In the file pane, the server stores user credentials locally in a file named keyfile. You can use the administrator console to manage users in the file area.
When using a file region, the server authentication service verifies the identity of the user by checking the file region. This area is used to authenticate all clients, with the exception of web browser clients using the HTTPS protocol and certificates.
In the certificate area, the server stores user credentials in the certificate database. When using the certificate scope, the server uses HTTPS certificates to authenticate web clients. To verify the user's identity in the certificate area, the authentication service verifies the X.509 certificate. For step-by-step instructions for creating this type of certificate, see Working with Digital Certificates. The common name field is the X.509 certificate name field.
The administrative area is also FileRealm and stores the user administrator credentials locally in a file called admin-keyfile. You can use the administrator console to manage users in this area in the same way as you manage users in the file area. For more information, see Manage Users and Groups on the Application Server.