When a sub realm is created it inherits configuration data (including which user data store to access) from the root realm (by default, / (Top Level Realm)) and uses said data to authenticate users. The user data store can be modified per sub realm. In this deployment, we use the inherited Generic LDAPv3 data store.
Access https://osso1.sp-example.com:1081/opensso/console from a web browser.
Log in to the OpenSSO Enterprise console as the administrator.
Click the Access Control tab.
Click New to create a new realm.
The New Realm page is displayed.
Set the following attribute values on the New Realm page.
Enter users in the New Value field and click Add.
The users realm is listed as a sub realm of / (Top Level Realm), the root realm.