See these topics for information about configuring security in WebSphere Application Server - Express:
Configure global security
See this topic for information about configuring the WebSphere global security.Role-based authorization
WebSphere Application Server uses roles to check a user's authorization to protected resources. See this topic for information about how role-based authoration works in WebSphere Application Server. For information about configuring role-based authorzation, see the following topics:Assign users to administrative roles
WebSphere global security is role-based, which means that users and groups must be assigned roles that allow them to access certain resources. See this topic for information about administrative roles.Assign users to naming roles
See this topic for information about assigning users and groups to roles for the naming server.Configure trusted mode for the internal HTTP transport
By default, the WebSphere internal HTTP transport is configured for trusted mode. For more information, see this topic.Configure SSL in WebSphere Application Server - Express
If you want to use secure sockets layer (SSL) with WebSphere Application Server - Express, see this topic.Configure Java 2 security
WebSphere Application Server - Express now fully supports the Java 2 security model. See this topic for information about configuring the permissions-based Java 2 security.Configure Java Authentication and Authorization Service login
Java Authentication and Authorization Service (JAAS) login in new in WebSphere Application Server - Express. See this topic for information about configuring the login authentication.Configure J2C authentication data entries
A Java 2 Connector (J2C) authentication data entry defines authentication data that you can share among resource adapters and JDBC data sources. See this topic for more information.