|Home > Documentation > Configuring and administering > Administering Security > Replacing default Realm in Geronimo|
This article is about how to replace default .properties realm
geronimo-admin with SQL or LDAP realms.
By default, Geronimo is using a .properties file realm for authentication named
geronimo-admin, which is used by JMX server, Administration Console, Online-deploy and MEJB applications. However, you may not want to use it for production use. Alternatively, you can use database or LDAP realms in a production environment. To demonstrate how to replace the default realm, we will use two samples as followed:
In this example, we will use an embedded Derby database as the security provider.
SecurityDatabaseusing DB manager in the administration console.
Groupsto store user credential and group information. In the DB manager portlet copy and paste the above SQL into SQL Commands box and select the
SecurityDatabasedatabase and press Run SQL button to create the tables.
SecurityDatabasePoolusing Database Pools portlet under Datasources in the console. Make sure to specify the Database Name as
$GERONIMO_HOME/var/config/config.xmlfile to enable the SQL realm. Make sure to substitute
VERSIONstring with the appropriate Geronimo version. Where
To replace the default .properties file realm using a LDAP realm, the configuration is nearly identical to the sample above. The only difference is to use
LoginModuleClass. Here is the code snippet you can use in
config.xml. Make sure to substitute
VERSION string with the appropriate Geronimo version.