Security realms allow you to secure your web applications against unauthorized access. Protection is based on authentication that identifies who is requesting access to the webapp and access control that restricts what can be accessed and how it is accessed within the webapp.

Avoid Unauthorizd user access to the server

NOTE: Please review the benchmark to ensure target compliance.


A webapp statically declares its security requirements in its web.xml file. Authentication is controlled by the element. Access controls are specified by and elements.

This control applies to the following type of system Unix.