Securing Liberty and its applications

This information applies to all types of applications that are deployed on Liberty.

About this task

Security in Liberty supports all the Servlet 3.0 security features and secured Java™ JMX connections. The following Liberty features are applicable to security in Liberty:
  • appSecurity-2.0 enables security for web applications when the servlet-3.0 feature is present and for EJB components when the ejbLite-3.1 feature is present.
  • ssl-1.0 enables SSL connections using HTTPS.
  • restConnector-1.0 enables remote access by JMX client through a REST-based connector.
  • oauth-2.0 enables authorization to resources by using the OAuth 2.0 protocol.
  • openid-2.0 enables users to authenticate to multiple entities without the need to manage multiple accounts or sets of credentials.
  • ldapRegistry-3.0 provides support for the LDAP user registry.

To learn about how security works in Liberty, see Liberty: Security.

Best practice: There are several security configuration examples on the WASdev.net website for reference when configuring security for your applications on Liberty. If you see any differences in the configuration created by the developer tools and the examples, modify the configuration to fit the configuration in the examples for that feature.

Icon that indicates the type of topic Task topic

File name: twlp_sec.html