...
In this section we will focus on the use a database for verifying and retrieving user names and passwords.
...
Database Pool: SecurityDatabasePool
JDBC Driver Class: org.apache.derby.jdbc.EmbeddedDriver
Driver JAR: org.apache.derby/derby/10.1.1.0/jar
JDBC URL: jdbc:derby:SecurityDatabase
The following step will allow you to enable auditing for monitoring the login attempts via this realm. In this step you can also configure the account lockout based on the number of failed loging attempts withing a specified timeframe. If you enable Store Password, then it will allow the realm to store the user's password in a private credential in the "Subject". If you enable Naming Credential, in addition to the user's password, this option will use private credentials to store user names too.
...
If you get an error the first time you try to validate this realm, you will very likely see the SQL Exception: Failed to start database ...
error in the terminal and logs. This is a know issue with Derby, you will need to restart Geronimio so the new database can communicate properly.
...
<geronimo_home>\bin\deploy --user system --password manager deploy <realm_path>\derby_security_realm.xml
...
...
Once the security realm has been created, you can use the usage link to view samples of how to use the new realm in your applications.