This article is about how to replace default properties realm geronimo-admin with SQL or LDAP realms in v2.1.

By default, Geronimo is using a properties realm for authentication named geronimo-admin, which is used by JMX server, Admin Console, Online-deploy and MEJB application. However, you may not want to use it for production use. Alternatively, you can use database(SQL) or LDAP realms in a production environment. To replace the default realm, you must do the following:

1. Deploy a new realm with realm-name geronimo-admin either from the Admin console or using command line. Refer to Administering security realms for how to create a SQL or LDAP realm using the Admin Console. When it's done, a new realm is created with plugin id console.realm/geronimo-admin/1.0/car. At the mean time, a new line is added into var/config/config.xml under Geronimo installation directory like
2. Locate org.apache.geronimo.framework/server-security-config/2.1/car in config.xml when the server is stopped and disable the default realm. The updated config.xml will be looked like this
3. Restart the server and test with new userid and password instead of default system and manager. You can successfully log into the Admin console.