Securing Liberty and its applications
This information applies to all types of applications that are deployed on Liberty.
About this task
Security in Liberty supports all the
Servlet 3.0 security features and secured Java™ JMX
connections. The following Liberty features
are applicable to security in Liberty:
- appSecurity-2.0 enables security for web applications when the servlet-3.0 feature is present and for EJB components when the ejbLite-3.1 feature is present.
- ssl-1.0 enables SSL connections using HTTPS.
- restConnector-1.0 enables remote access by JMX client through a REST-based connector.
- oauth-2.0 enables authorization to resources by using the OAuth 2.0 protocol.
- openid-2.0 enables users to authenticate to multiple entities without the need to manage multiple accounts or sets of credentials.
- ldapRegistry-3.0 provides support for the LDAP user registry.
To learn about how security works in Liberty, see Liberty: Security.
Best practice: There are several security configuration examples on the WASdev.net website for reference when configuring security for your applications on Liberty. If you
see any differences in the configuration created by the developer
tools and the examples, modify the configuration to fit the configuration
in the examples for that feature.