What’s new in this release?
Re-designed Deploy Tool in the Admin Center
In the Admin Center
(adminCenter-1.0), the Deploy Tool been completely redesigned for a better user experience when deploying Liberty server packages. Not only that, but you can now deploy Node.js application packages and Docker containers. Support for custom deployment rules has also been added.
MicroProfile convenience feature
microProfile-1.0 feature is a convenience feature for easily configuring the MicroProfile environment. The current definition of MicroProfile consists of the
JSON-P technologies. Thus, this
microProfile-1.0 feature easily configures the
jsonp-1.0 Liberty features.
The microprofile.io community is a new community dedicated to optimizing the Enterprise Java mission for the microservices architecture. The goal is to define a microservices application platform that is portable across multiple runtimes. Currently, the main players in this group are IBM, RedHat, Tomitribe, Payara, and the LJC. Additional key industry individuals are also participating. This is a grass-roots effort where IBM is considered one of the “founding members”. The first deliverable from this group is defining the Micro Profile 1.0.
Federated registry now exposes VMM SPI
federatedRegistry-1.0 feature now exposes the following VMM SPIs:
CustomRepository interface enables you to create, read, update, and delete users and groups. It also enables you to add extended attributes to users and groups. You can implement the custom repository as a user feature.
For more information about custom user registries, see Selecting a custom user registry or repository.
And, of course, there’s the usual Javadoc installed with Liberty.
OpenID Connect Client feature update
openidConnectClient-1.0 feature now accepts JSON Web Token (JWT) as an authentication token from a trusted authentication proxy, a trusted service client, or an OAuth authorization server.
Any trusted party in possession of a JWT can use that token to get access to the associated resources in Liberty. The Liberty resource server validates the JWT and creates the authenticated subject from it without needing a user registry in Liberty.
OpenID Connect Server feature update
openidConnectServer-1.0 feature can be configured to issue JWT as
access_token tokens. To issue JWT as an
access_token, you implement the
com.ibm.wsspi.security.oauth20.JwtAccessTokenMediatorservice programming interface (SPI).
By default, Liberty issues opaque
access_token tokens. Opaque tokens require the recipient to call back to the server that issued it. You can configure the Liberty OpenID Connect Provider to instead issue JWT as
access_token tokens which include the verification mechanism within the token, so that the recipient can validate it without calling the issuer.
VMM Custom Adapter SPI Support
The VMM Custom Adapter SPI support provides end-users with the following capabilities:
- A repository that allows for create/read/update/delete/search/login operations (not just read capabilities).
- A repository that allows support for extended, or customized, attributes.
- A repository which cannot be supported out-of-the-box by our existing user registries.
z/OS local adapters messaging
On z/OS, the
zosLocalAdapters-1.0 feature includes support for sending and receiving messages to and from IMS.
Plugin-cfg.xml automatic generation and merge tool
The Liberty server now automatically generates a
plugin-cfg.xml file for a server and writes it to the
server_config_dir/logs/state directory. The file is regenerated automatically for these events:
- Server start if the server has applications defined.
- When an application is added or removed.
- When an application changes the session cookie config name during application initialization.
- When server configuration is updated.
Also a new utility is provided which can be used to merge
plugin-cfg.xml files from multiple servers. The utility is
server_install_root/bin/pluginUtilty. The utility has a help action and a merge action. The merge action can be used to merge either named files, or files from a named directory. The merged plugin config file can be written to either a named directory, or named file. For more information run
pluginUtility help merge from the
Migration Toolkit updates
As usual, the Migration Toolkit team are hot on the case of making it easy to move applications (and configurations) to Liberty from WebSphere Application Server and from other Java application servers, as well as between versions of WebSphere Application Server. In particular, the binary scanner has a new inventory report and goes back to Version 6.1 for version-to-version migration.
WebSphere Developer Tools updates
WDT support for Custom Password Encryption
WDT now supports the encryption of passwords using custom encryption when it is configured.