Here’s the latest WebSphere Liberty beta and WebSphere Developer Tools (WDT).

Thanks to your support for our regular beta programme, we are able to release new Liberty features every few months. Most recently, in June.

Look out for more betas over the coming months.

Get it now! Ask a question on Stack Overflow

What’s in the WebSphere Liberty beta for September?

OpenID Connect Client feature update

The openidConnectClient-1.0 feature now accepts JSON Web Token (JWT) as an authentication token from a trusted authentication proxy, a trusted service client, or an OAuth authorization server.

Any trusted party in possession of a JWT can use that token to get access to the associated resources in Liberty. The Liberty resource server validates the JWT and creates the authenticated subject from it without needing a user registry in Liberty.

OpenID Connect Server feature update

The openidConnectServer-1.0 feature can be configured to issue JWT as access_token tokens. To issue JWT as an access_token, you implement the com.ibm.wsspi.security.oauth20.JwtAccessTokenMediatorservice programming interface (SPI).

By default, Liberty issues opaque access_token tokens. Opaque tokens require the recipient to call back to the server that issued it. You can configure the Liberty OpenID Connect Provider to instead issue JWT as access_token tokens which include the verification mechanism within the token, so that the recipient can validate it without calling the issuer.

What’s already in there?

The August 2016 beta included changes to the behavior associated with path normalization on values that are specified using variables, changes to the Federated registry which now exposes VMM SPI, the REST connector 2.0, z/OS local adapters messaging and a re-designed Deploy Tool in the Admin Center.

Take a look at the previous beta announcements for a full list of stuff added since the 16.0.0.2 release in June 2016:

Get it now! Ask a question on Stack Overflow

1 comment on"Beta: WebSphere Liberty and tools (September 2016)"

  1. Parag Gokhale September 23, 2016

    Hello,
    I am interested in the signed JWT authentication and what’s being offered seems perfect, but I’m unable to get it working. Even If I make a Get request without JWT request parameter, the resource servlet gets invoked. I’ve configured Liberty as expected. Appreciate any help.
    Regards,
    Parag

Join The Discussion

Your email address will not be published. Required fields are marked *