hey guys,
i need your helps!!!

There are some applications in my homepage such as bookmarks, Files, Activities... can be accessed by anonymous.

For example,
I log on to my page and open the bookmark page. then, copy the link and log out.
i go to that bookmark page but i can still access it.

Some paths of my web site are default as public link too. Therefore, non-login(do not authenicated) users can access the link even though i log on to the page.
how can i configure the server to prohibit anonymous access of those applications.(IBM Websphere Application Server 8)
should i firstly consider .htaccess file ???

PLS help, i have no idea on it

-->(restrict default anonymous login to authentication)!