Thursday, November 20, 2014

Web Server Information

Using telnet, connect to the web port (usually 80), then issue these commands to get web server information:

    telnet website 80
    GET / HTTP/1.1
    Host: website

Press Enter on an empty line after the Host line to send the request.

Wednesday, November 12, 2014

Realm Etc

Realm is a basic concept, but I have never made it clear to myself. It's time to review it.

https://docs.oracle.com/javaee/7/tutorial/doc/security-intro005.htm

A realm is a security policy domain defined for a web or application server.

A realm contains a collection of users, who may or may not be assigned to a group.

In some applications, authorized users are assigned to roles. In this situation, the role assigned to the user in the application must be mapped to a principal or group defined on the application server.

A realm is a complete database of users and groups identified as valid users of one or more applications and controlled by the same authentication policy.

Put simply, a realm is a way of implementing the user database. It can be kept in a file, in which case it is called a file realm; in a certificate database, in which case it is called a certificate realm; and so on.

A group is purely a way of grouping users together for management convenience. It is defined at the service level.

A role is about access control: it is an abstraction of the relationship between a user and resource access. It is defined at the application level.

A role can be mapped to a user directly or indirectly via a group; either way, the goal is to grant the user access privileges.
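
The realm, role and mapping described above, written as deployment descriptor fragments. This is an added example, not taken from the original post or the Oracle tutorial. It assumes GlassFish Server and its `file` realm, and the role, user, group and URL names are made up for illustration.

```xml
<!-- WEB-INF/web.xml (fragment): the application declares a role and
     protects a resource with it. The role is application-level. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>reports</web-resource-name>   <!-- hypothetical name -->
    <url-pattern>/reports/*</url-pattern>            <!-- hypothetical path -->
  </web-resource-collection>
  <auth-constraint>
    <role-name>REPORT_VIEWER</role-name>             <!-- hypothetical role -->
  </auth-constraint>
  <user-data-constraint>
    <!-- BASIC sends credentials base64-encoded, so require TLS -->
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<login-config>
  <auth-method>BASIC</auth-method>
  <!-- Which realm (user database) authenticates the caller;
       "file" is assumed to be the server's file realm -->
  <realm-name>file</realm-name>
</login-config>

<security-role>
  <role-name>REPORT_VIEWER</role-name>
</security-role>

<!-- WEB-INF/glassfish-web.xml (fragment): map the application role
     to identities that exist in the server's realm. -->
<security-role-mapping>
  <role-name>REPORT_VIEWER</role-name>
  <!-- Direct mapping: one user (principal) gets the role -->
  <principal-name>alice</principal-name>             <!-- hypothetical user -->
  <!-- Indirect mapping: every member of the group gets the role -->
  <group-name>analysts</group-name>                  <!-- hypothetical group -->
</security-role-mapping>
```

A user who authenticates against the realm but is neither `alice` nor a member of `analysts` is denied access to `/reports/*`, because no mapping gives that user the role.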