Security realms provide access to an identity store and are used to obtain credentials. These credentials allow authentication mechanisms to obtain the raw AuthorizationIdentity for performing authentication.
A realm mapper is associated with a security domain and is used in cases where a security domain has multiple security realms configured. The realm mapper uses the name provided during authentication to choose a security realm for authentication.