The step you sent is referring to what to do from the Security Assist Access Rules manager interface, but your screen shot is of the Authenticate User server behavior.
The steps appear up to date, but they refer to what to do in the interface: WebAssist->Security Assist->Manage Site Access->Access Rules Manager...
If you aren't doing multiple access groups (like admin and general users) with the same login, then that part can be ignored.
If you open that interface, then the steps should make more sense.
There is an issue in the Authenticate User Server Behavior that I see as well. At some point the tutorial should have had you create a column called UserAccessGroup or something to that effect and then save that value in the session for login.