This information applies to all types of applications that
are deployed on the Liberty profile.
About this task
Security in the Liberty profile supports all the Servlet
3.0 security features and secured Java™ JMX
connections. The following Liberty features are applicable to security
in the Liberty profile:
- appSecurity-2.0 enables
security for
for web applications
when the servlet-3.0 feature is present and for EJBs
when the ejbLite-3.1 feature is present.
- ssl-1.0 enables SSL connections using HTTPS.
- restConnector-1.0 enables remote access by JMX
client through a REST-based connector.
- oauth-2.0 enables authorization to resources
by using the OAuth 2.0 protocol.
ldapRegistry-3.0 provides
support for the LDAP user registry.
To learn about how security works in the Liberty profile,
see Liberty profile: Security.
Best practice:
There are several security configuration examples on the wasdev.net website for reference when configuring security for your applications on the Liberty profile. If you see any differences in the configuration
created by the developer tools and the examples, modify the configuration
to fit the configuration in the examples for that feature.