The default user registry used by the application is the default WebSphere file- based user registry.
- Navigate to ;
- Set the Available realm definitions to be Federated repositories and click the Configure button;
- Set the Primary administrative username to be websphere;
- Select the Automatically generated server identity radio button;
- Select Ignore case for authorization and click OK;
- Enter the password for the default administrative user, e.g. websphere, enter the confirmation and click OK to confirm the changes;
- Set the Available realm definitions to be Federated repositories and click the Set as current button;
- Select Enable administrative security;
- Select Enable application security;
- Select Use Java 2 security to restrict application access to local resources and Warn if applications are granted custom permissions;
- Click the Apply button to confirm the changes;
- Navigate to ;
- Select the Custom Properties link;
- Click New and set the name and value as follows:
Name= com.ibm.ws.security.web.logoutOnHTTPSessionExpire
Value= true
- Click OK to add the new property.
- Navigate to ;
- Select ;
- Ensure the Requires SSL check box is unchecked;
- Ensure that the value of the Domain Name field is set to the fully qualified domain name that will be used to access the application e.g. xxx.com. It should be configured similar to that specified in Configuring the base URL in Cúram Portlets;
- Click OK to confirm the change.
- Navigate to ;
- Select Custom properties;
- Add com.ibm.ws.security.addHttpOnlyAttributeToCookies with value true;
- Click OK to confirm the change.
- Save the changes to the master configuration.