A Realm element represents a "database" of usernames,
passwords, and roles (similar to Unix groups) assigned
to those users. Different implementations of Realm allow Catalina to be
integrated into environments where such authentication information is already
being created and maintained, and then utilize that information to implement
Container Managed Security as described in the Servlet
Specification.
A Catalina container (Engine,
Host, or Context) may
contain no more than one Realm element (although if supported by the Realm
this one Realm may itself contain multiple nested Realms). In addition, the
Realm associated with an Engine or a Host is automatically inherited by
lower-level containers unless the lower level container explicitly defines its
own Realm. If no Realm is configured for the Engine, an instance of the
Null Realm
will be configured for the Engine automatically.
For more in-depth information about container managed security in web
applications, as well as more information on configuring and using the
standard realm component implementations, please see the
Container-Managed Security Guide.
The description below uses the variable name $CATALINA_BASE to refer the
base directory against which most relative paths are resolved. If you have
not configured Tomcat for multiple instances by setting a CATALINA_BASE
directory, then $CATALINA_BASE will be set to the value of $CATALINA_HOME,
the directory into which you have installed Tomcat.