A term sometimes used for domain, in this case to refer to user domains established for security reasons, not Internet domains. For password-protected files, the name of the protected resource or area on the server. If the user tries to access the protected resource while browsing, the name of the realm usually appears in the dialog box that asks for a user name and password.
A unique name given to each protected area on a server, whether it be a single document or an entire server.
The scope of the authority by which the Principal is authenticated in software security.
a collection of pages, images and applications (collectively known as "resources") that is protected by a login or authentication method
a collection of users that are controlled by the same authentication policy
a collection of users under the same authentication policy
a configuration mechanism that enables you to identify which portions of your site are accessible and which portions are restricted to some or all users
a database containing users and their roles (sets of permissions to access server-resources)
a "database" of usernames and passwords that identify valid users of a web application (or set of web applications), plus an enumeration of the list of roles associated with each valid user
a database of users (usernames, passwords, groups/roles)
a group of server resources that share the same authentication
a Java class that provides access to a store of Users, Groups, Acls, and related services
a logical network, like a domain, which defines a group of systems under the same master KDC
a logical network, similar to a domain, that defines a group of systems under the same master KDC
an arbitrary string that is presented to users when they are asked for their passwords
a registry of users along with a single method of authenticating those users (for example, a user's name and password)
a repository of Logon identifiers (also known as user names) that identify a user Passwords that are used to authenticate a given logon identifier Roles that each user is authorized to assume
a set of usernames and group names associated with a directory or virtual path
a string you can assign to a URL name space under ACL control
a URI, such as "/admin" and all resources under that URI, such as "/admin/moderation" and "/admin/users"
a user community instance maintained by the authorization system
a user directory containing user names and passwords with optional group classification
a way of associating a group of users and the protocol used to verify their credentials
A database of users, groups, and access control lists. Used to specify which users have access to the resources of a specific service (for example, to the Web Page Service).
Realms enable the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database.
A distinct set of usernames and group names. If you have more than one organization’s information on your server, you can create and allocate user and group names for each realm independently.
A term used in HTTP and proxy access authorization that helps the user identify which part of the system is requesting an HTTP or proxy user name and password.
n. In the WebSphere family of products, a database of users, groups, and access control lists. A user must be defined in a realm to access any resource belonging to that realm.
See security policy domain. Also, a string, passed as part of an HTTP request during basic authentication, that defines a protection space. The protected resources on a server can be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database.
A realm is a logical group of users, who usually can be authenticated using one particular method. Grouping users into realms simplifies the management of those users in a distributed environment. For example, an ISP's users may be from different organizations located in different cities. Each organization already has one way or another to authenticate its users and each corresponds to a realm. Each realm would be responsible for managing its users, providing authentication and authorization for their access requests. A realm has a name that looks very much like a domain name, but they bear different meanings. Realms are only used by the AAA Server to determine where an authentication request should be sent and what kind of authentication to request, etc. Naming a realm with its domain name simplifies things for the users, since their access ids will then look the same as their e-mail addresses. A realm may also have multiple aliases, providing a way to shorten long realm names.
1. Short for identity management realm. 2. A Kerberos object. A set of clients and servers operating under a single key distribution center/ticket-granting service (KDC/TGS). Services (see kservice) in different realms that share the same name are unique.
In the DIGEST-MD5 authentication mechanism, "the name of a collection of accounts that might include the user's account. This string should contain at least the name of the host performing the authentication and might additionally indicate the collection of users who might have access. An example might be '
[email protected]'." --RFC 2831
Each administrative domain will have its own Kerberos database, which contains information about the users and services for that particular site or administrative domain. This administrative domain is the " Kerberos realm".
A network that uses Kerberos, composed of one or a few servers (also known as KDCs) and a potentially very large number of clients.
1. The logical network that is served by a single SEAM database and a set of Key Distribution Centers (KDCs). 2. The third part of a principal name. For the principal name joe/
[email protected], the realm is ENG.EXAMPLE.COM. See also principal name.
The scope of a Kerberos deployment. Specifically, the organization domain for which the KDC is trusted to authenticate principals.
A Kerberos object. A set of clients and servers operating under a single key distribution center/ticket-granting service (KDC/TGS). kservices that are in different realms but that have the same name are unique.
A domain which shares an authentication database and servers. There is a single name-space for principal name/instance pairs within a realm. A realm is also a logical collection of clients and servers registered in the database.
A network that uses Kerberos, composed of one or more servers called KDCs and a potentially large number of clients.
A cell, considered exclusively from the point of view of security; this term is used in Kerberos specifications.
A set of security principles, in a non-Windows networked environment, that are subject to Kerberos authentication. See also: Kerberos V5 authentication protocol