Writing a Custom Security Realm

The ORB comes with an implementation of the Security Realm, called the basic realm. This section outlines the requirements that you need to follow if you want to write your own implementation.

• a realm is identified to the ORB by a properties file

 
• the name of the properties file is the name of the realm

 
• the realm properties file should be placed in the db/realms directory

 
• the realm properties should contain a distinguished property "realm.class" which is the Class name of your realm implementation. For example, the "bank" realm, which is an instance of the ORB's BasicRealm, contains the following line:

 
realm.class=com.sssw.jbroker.security.realms.BasicRealm
 
• the digest parameter presented on the authenticateDigest method is the MD5 hash of the MD5 hash of the realm name, principal, and passphrase, and the nonce. That is,

 
digest = MD5(MD5(realm, principal, passphrase), nonce).

---

Copyright © 1998-2003, Novell, Inc. All rights reserved.