Realm Identity Stores Support
Since Payara Server 5.194
A security realm contains a collection of users with a password and the optional roles that are used to authenticate the users. Payara Server comes with a set of preconfigured realms(file, certificate, and admin) which can be specified in the deployment descriptor of web application but the web deployment descriptor allows only a single realm-name definition per module.
The Payara API provides a way to easily secure a web application with single or multiple realms in a portable way using the Jakarta EE Identity Stores which may register the non-existing realm in the server using the application defined configuration and mapped to Payara realms to authenticate the users. The realm identity stores are initialized by specifying any of the following annotations in a valid place as defined by the Jakarta EE Security API.