Enabling administrative security

Administrative security protects your server from unauthorized users and is the primary security mechanism for WebSphere® Application Server. Administrative security prevents unauthorized changes to the WebSphere Application Server configuration. With administrative security enabled, many other security options become available to further secure your environment. If you chose to enable security during the installation process, you enabled administrative security.

Before you begin

You must have logged into the WebSphere Application Server administrative console before starting these tasks.

About this task

For additional details about administrative security, read the information in the related links. Complete the following procedure using the WebSphere Application Server administrative console.

Procedure

  1. In the navigation panel, click Security > Global security.
  2. Under Administrative security, select Enable administrative security. When you enable administrative security, you must configure user repositories.
    • To help you complete this task, click Security Configuration Wizard to start the Security Configuration Wizard. When executing the wizard:
      1. Enable application security and Java™ 2 security if you want it.
      2. Select one of the following as the current realm definition for your current user account repository:
        • Federated Repositories
        • Local operating system
        • Standalone LDAP registry
        • Standalone custom registry
      3. Provide the information required to configure your current realm definition for your current user account repository.
  3. Click Apply.
  4. Click Save to save changes to the master configuration.
  5. To have your changes take effect, restart the server.
Parent topic: Configuring server security
Related concepts:
Administrative security (WebSphere Application Server Network Deployment)
Authenticating users (WebSphere Application Server Network Deployment)