How the Realm in the HTTP Basic Authentication is treated by IBM WebSphere Application Server (V9)
Question
I would like to know should I set the same value for the realm in the web.xml as the value of federated repository on the server(WAS V9).
my configuration is as follows.
server configuration
Set up file-based user realm by configuring "Federated repositories" under "User account repository" on the WAS management console. The realm of this repository is "defaultWIMFileBasedRealm".(this is default)
application configuration
web.xml is as follows.
...
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>hogehoge</realm-name>
</login-config>
...
The value of web.xml's realm is not matched with the value of the repository on the server. But basic authentication worked well without any problem.
so my question is
Is there no need to set same value for both realm?
How the realm in the web.xml is used in the WAS server?
1 answers
solution1
1 ACCPTED 2018-08-29 08:48:37
The realm in WAS has nothing to do with realm in web.xml. So answering your questions:
- Is there no need to set same value for both realm?
No, they can be totally different.
- How the realm in the web.xml is used in the WAS server?
The realm in web.xml is used on the popup dialog in Basic authentication. So you will see it in the browser. The only purpose of it is to help user decide what username/password he should enter :-)
The realm in WebSphere is used internally for SSO, in LTPA token and has no real meaning for application end user.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.