step 1 - Enable Application Security in WebSphere Admin Console

Before you can do anything with security in WebSphere, you have to ensure that the application security is enabled in your server. You will find the options page in the Admin Console under “Security”/”Global Security”.

 

To use a file based user realm you have to configure “Federated repositories” under “User account repository”. If you create a new server profile from scratch, this should be the default setting. If you have to use an existing server profile, ensure that “Federated repositories” are configured in the following way: