PAMRealm in GlassFish 3.1
By nitkal on Jan 25, 2011
A new realm (PamRealm) has been made available in GlassFish 3.1 for Unix based OSx (Solaris, Linux, MacOS). PAMRealm is based on the Pluggable Authentication Module (PAM) mechanism of the underlying Unix OSx. If this realm is configured for an application deployed in GlassFish, users created in the underlying OSx can authenticate themselves to access an application, with their Unix passwords.
PamRealm can be configured either through the admin-console (server-config->Security->Realms->New). This realm can be chosen from the dropdown in the list of Realm classes. The jaas-context for the realm is pamRealm.
This realm can also be configured using the asadmin CLI :
./asadmin create-auth-realm --classname com.sun.enterprise.security.auth.realm.pam.PamRealm --property jaas-context=pamRealm PamRealm
Command create-auth-realm executed successfully.
The pamRealm jaas-context has been mapped to the following LoginModule class in login.conf
To configure this realm, GlassFish should be installed as the root user (that can access the PAM's underlying authentication files in Unix)