[WebSphere Application Server] How to disable security

If security is enabled on WebSphere Application Server, there are some situations in which you cannot log in to the Admin Console, such as the following.

  • Forgotten password
  • Mistaken security settings
  • Cannot connect to the LDAP server

You can forcibly disable security on WAS with the following steps.

Step1: Find security.xml

The XML file that describes the security settings is at the following file path.
{WAS_install_directory}/profiles/{profile_name}/config/cells/{cell_name}/security.xml

Step2: Take a backup of security.xml

Take a backup of security.xml before editing it, because IBM may not recommend editing security.xml manually.

Step3: Edit security.xml

If security is enabled, you can find the string [enabled="true"] in the security:Security element, as shown below. Change it to [enabled="false"].

<security:Security xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI"
    xmlns:orb.securityprotocol="http://www.ibm.com/websphere/appserver/schemas/5.0/orb.securityprotocol…"
    xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi"
    xmi:id="Security_1" useLocalSecurityServer="true" useDomainQualifiedUserNames="false"
    enabled="true" cacheTimeout="600" issuePermissionWarning="true" activeProtocol="BOTH"
    enforceJava2Security="false" enforceFineGrainedJCASecurity="false"
    activeAuthMechanism="SWAMAuthentication_1" activeUserRegistry="LocalOSUserRegistry"
    defaultSSLSettings="SSLConfig_1">
<authMechanisms xmi:type="security:SWAMAuthentication" xmi:id="SWAMAuthentication_1"
    OID="No OID for this mechanism"
    authContextImplClass="com.ibm.ISecurityLocalObjectGSSUPImpl.WSSecurityContext"
    authConfig="system.SWAM" simpleAuthConfig="system.SWAM" authValidationConfig="system.SWAM"/>

Step4: Restart WAS

You have to restart WebSphere Application Server for the change to take effect. However, you may not be able to restart it normally, because an ID and password are required to stop WAS. So kill the WAS process instead.

After that, the security setting is disabled and you can log in to the WAS Admin Console.
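
Steps 2 and 3 as a script, added here as an example and not taken from the original post or from IBM: it backs up security.xml and changes enabled only on the root security:Security element, editing the text directly so that every other byte of the file (including enabled attributes on other elements) stays as it was. The sample document and its hypotheticalChild element are constructed for the demonstration.

```python
import re
import shutil
import sys
import time
from pathlib import Path

# Start tag of the root element; quoted values may span lines or contain '>'.
ROOT_TAG = re.compile(r'<security:Security\b(?:[^>"\']|"[^"]*"|\'[^\']*\')*>')
# The attribute named exactly "enabled" (the lookbehind rejects longer names).
ENABLED = re.compile(r'(?<![\w.:-])enabled\s*=\s*"(true|false)"')

# Constructed sample (not a real security.xml); the child's enabled must survive.
SAMPLE = ('<security:Security xmi:id="Security_1" enabled="true"\n'
          '    cacheTimeout="600">\n'
          '  <hypotheticalChild xmi:id="Child_1" enabled="true"/>\n'
          '</security:Security>\n')


def security_state(xml_text):
    """Return "true" or "false" from the root element's enabled attribute."""
    tag = ROOT_TAG.search(xml_text)
    attr = ENABLED.search(tag.group(0)) if tag else None
    if attr is None:
        raise ValueError("no <security:Security ... enabled=...> start tag found")
    return attr.group(1)


def disable_security(xml_text):
    """Step 3: set enabled="false" on the root element and nothing else."""
    security_state(xml_text)  # raises if the file is not what we expect
    return ROOT_TAG.sub(
        lambda tag: ENABLED.sub('enabled="false"', tag.group(0), count=1),
        xml_text, count=1)


def patch_file(path):
    """Steps 2 and 3 on disk. Returns the backup path, or None if already disabled."""
    path = Path(path)
    text = path.read_bytes().decode("utf-8")  # bytes in and out keep line endings
    if security_state(text) == "false":
        return None
    backup = path.with_name(path.name + time.strftime(".%Y%m%d-%H%M%S.bak"))
    shutil.copy2(path, backup)  # the backup exists before the original changes
    path.write_bytes(disable_security(text).encode("utf-8"))
    return backup


if __name__ == "__main__":
    print(patch_file(sys.argv[1]) if len(sys.argv) > 1 else disable_security(SAMPLE))
```

Run it with the path from Step 1 as the only argument; with no argument it prints the patched sample. To turn security back on after the login problem is fixed, restore the backup or re-enable it from the Admin Console.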