The default properties file realm is not recommended for a Geronimo server used in a production environment. It is recommended that you use a database (SQL) realm or an LDAP realm. In order to replace the default realm, carry out the following steps:
Deploy a new realm with realm-name geronimo-admin.
Delete the realm GBean corresponding to the default properties realm in server-security-config. Edit config.xml and add the following GBean under the server-security-config module to disable the default-realm:
<module name="org.apache.geronimo.framework/server-security-config/2.1.4/car"> <gbean name="geronimo-admin" load="false"/> </module>