It is helpful to understand security from an infrastructure standpoint so that you know the advantages of different authentication mechanisms, user registries, authentication protocols, and so on. Picking the right security components to meet your needs is a part of configuring global security. For more information, see Global security.
When you understand the security components, you can proceed to configure global security in WebSphere Application Server - Express.
Perform these steps:
Start the WebSphere administrative console.
If security is currently disabled, log in with any user ID. If security is currently enabled, log in with a predefined administrative ID and password (this is typically the server user ID specified when you configured the user registry).
In the left navigation menu of the administrative console, click Security.
Configure a user registry
WebSphere security requires a user registry, which is used to authenticate users to protected resources.
Configure the authentication mechanism
Configure the mechanism that WebSphere Application Server - Express uses to authenticate users.
(Optional) Configure single signon
If you configured LTPA as your authentication mechanism and your applications contain form-based login, you may want to configure single signon.
(Optional) Configure a trust association interceptor
If you are using a third-party reverse-proxy server (such as WebSEAL) in your topology, see this topic for more information.
(Optional) Change the default SSL keystore and truststore files
WebSphere Application Server - Express ships with default SSL keystore and truststore files that should not be used in a production environment, although they can be used in test environments. See this topic for more information.
Enable global security
After you have completed configuring your security settings, enable global security.