I am very much excited to know as to what are the advantages of JDBCRealm?? What is the difference between Container Manages Security(CMS) and Bean Managed Security(BMS?? Is CMS having any advantage over BMS??
Are you talking about Tomcat? I'm not sure this is strictly a JDBC question.
I usually refer to it as programatic or declarative security i.e. security declared in code (maybe even beans) or in the container declaration or configuration. JDBCRealm is one way of implementing declarative security in Tomcat.
It is intially easier to manage security by writing the code into the page, but this quickly becomes nightmarish, particularly when you have some pages that are secure and some that aren't, and some that have a kind of hybrid mixture.
Personally my choice to always use the declarative kind. You then write minor code to manage code changes based on user roles, but you do that in the programming solution anyway.