Disabling admin security


You might want to disable administrative security in few situations, such as

  • You forgo the WAS Admin User

  • There is some problem with the security configuration and your not able to start server



You can disable security using wsadmin command line tool like this. Start the wsadmin tool with wsadmin -conntype NONE, once the wsadmin prompt is displayed execute securityoff command and restart the server.

Or you can open the WebSphere\AppServer\profiles\Dmgr01\config\cells\dmgrCell01\security.xml and search for enable word, change value of the enabled attribute to false


<security:Security xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI" xmlns:orb.securityprotocol="http://www.ibm.com/websphere/appserver/schemas/5.0/orb.securityprotocol.xmi" xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi" xmi:id="Security_1" useLocalSecurityServer="true" useDomainQualifiedUserNames="false" enabled="false" cacheTimeout="600" issuePermissionWarning="false" activeProtocol="BOTH" enforceJava2Security="false" enforceFineGrainedJCASecurity="false" appEnabled="true" dynamicallyUpdateSSLConfig="true" activeAuthMechanism="LTPA_1" activeUserRegistry="WIMUserRegistry_1" defaultSSLSettings="SSLConfig_1">


Easiest way of disabling security if you know the admin user id and password is using the WAS Admin Console