A (security) realm is:
- a administrative domain
- security policy domain
- a protection spaces (It gives namespace functionality. One user may exist in two different realms)
Each security realm consists of a set of:
- configured security providers,
- security roles,
- security policies.
A user must be defined in a security realm in order to access any resources belonging to that realm.
A realm is a complete database of users and groups identified as valid users of one or more applications and controlled by the same authentication policy.
When a user attempts to access a particular resource, the application tries to authenticate and authorize the user by checking the security role assigned to the user in the relevant security realm and the security policy of the particular resource.