This topic applies to WebSphere Application Server Liberty V8.5.5.9 and earlier. For the latest Liberty topics, see the WebSphere Application Server Liberty documentation.

Securing Liberty and its applications

This information applies to all types of applications that are deployed on Liberty.

About this task

Security in Liberty supports all the Servlet 3.0 security features and secured Java™ JMX connections. The following Liberty features are applicable to security in Liberty:
  • appSecurity-2.0 enables security for for web applications when the servlet-3.0 feature is present and for EJB components when the ejbLite-3.1 feature is present.
  • ssl-1.0 enables SSL connections using HTTPS.
  • restConnector-1.0 enables remote access by JMX client through a REST-based connector.
  • oauth-2.0 enables authorization to resources by using the OAuth 2.0 protocol.
  • ldapRegistry-3.0 provides support for the LDAP user registry.

To learn about how security works in Liberty, see Security.

Best practice: There are several security configuration examples on the WASdev.net website for reference when configuring security for your applications on Liberty. If you see any differences in the configuration created by the developer tools and the examples, modify the configuration to fit the configuration in the examples for that feature.

Icon that indicates the type of topic Task topic



Timestamp icon Last updated: Tuesday, 12 December 2017
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-libcore-mp&topic=twlp_sec
File name: twlp_sec.html