### Kerberos Configuration File Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/configuring-spnego-authentication.adoc This is an example of a Kerberos configuration file. Ensure encryption types are consistent across your Kerberos setup. ```ini [libdefaults] default_realm = MYDOMAIN.EXAMPLE.COM default_keytab_name = FILE:c:\windows\krb5.keytab default_tkt_enctypes = rc4-hmac aes256-cts-hmac-sha1-96 default_tgs_enctypes = rc4-hmac aes256-cts-hmac-sha1-96 [realms] MYDOMAIN.EXAMPLE.COM= { kdc = host1.example.com:88 default_domain = example.com } [domain_realm] .example.com = MYDOMAIN.EXAMPLE.COM ``` -------------------------------- ### Install server features Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-installServerFeatures.adoc Use this command to install the required features for a specified server. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. ```bash featureUtility installServerFeatures myserver ``` -------------------------------- ### Server start command syntax Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-start.adoc The general syntax for the `server start` command. Run this command from the `_path_to_liberty_/wlp/bin` directory. If no server name is provided, `defaultServer` is used. ```bash server start _serverName_ [_options_] ``` -------------------------------- ### MongoDB Configuration Example Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/config/server-configuration-overview.adoc Example of configuring MongoDB connection details using variables for ports and hosts. ```xml ``` -------------------------------- ### List Servers in Open Liberty Installation Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-list.adoc Use this command to view all servers defined in your Open Liberty installation. Ensure you are in the `wlp/bin` directory. ```shell server list ``` -------------------------------- ### Start the Open Liberty Server Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/data-definition-language-generation.adoc Command to start the Open Liberty server. Replace with your server's name. ```bash ./bin/server start ``` -------------------------------- ### Detect Transaction Start Before Checkpoint Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton-limitations.adoc This Servlet example uses `loadOnStartup = 1` which can cause a transaction to begin before the InstantOn checkpoint, leading to a WTRN0155W warning and a checkpoint failure (WTRN0154E). Avoid this by using `beforeAppStart` or removing `loadOnStartup`. ```java @WebServlet(urlPatterns = { "/StartupServlet" }, loadOnStartup = 1) public class StartupServlet extends HttpServlet { @Override public void init() { UserTransaction ut = UserTransactionFactory.getUserTransaction(); try { ut.begin(); ... ut.commit(); } catch (Exception e) { // something went wrong } } } ``` -------------------------------- ### Install Admin Center Feature Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/admin-center.adoc Install the Admin Center feature using the featureUtility command. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. ```sh featureUtility installFeature adminCenter-1.0 ``` -------------------------------- ### Start Open Liberty server with variables Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-start.adoc Start a specified Open Liberty server in the background while defining a variable. Variables set this way override all other sources and cannot be changed after the server starts. Ensure `--` precedes the variable definition. ```bash server start myserver -- --variable_name=variable_value ``` -------------------------------- ### Start Open Liberty server in background Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-start.adoc Use this command to start a specified Open Liberty server in the background. The server's output will be logged to `WLP_OUTPUT_DIR/serverName/logs/console.log`. ```bash server start myserver ``` -------------------------------- ### Skopeo Inspect Output Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/container-images.adoc This is an example of the output you can expect when inspecting an Open Liberty image for its version. The `` placeholder indicates where the specific version number would appear. ```json "io.openliberty.version": "", "liberty.version": "" ``` -------------------------------- ### Start Open Liberty server as a Windows service Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/windows-service.adoc Use this command to start an Open Liberty server that has been registered as a Windows service. Replace `serverName` with the name of the service. ```shell server startWinService myserver ``` -------------------------------- ### Start Dev Mode with Container Support Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/development-mode.adoc Commands to start dev mode with container support. This compiles your application, builds the development image, and runs the server within a container, minimizing differences between development and production environments. ```bash mvn liberty:devc ``` ```bash gradle libertyDevc ``` -------------------------------- ### Start Open Liberty server with variable Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-run.adoc This command starts the `myserver` Open Liberty server in the foreground and sets a specific variable. The `--` separator is required before specifying variables. ```shell server run myserver -- --variable_name=variable_value ``` -------------------------------- ### Install server features with custom user features Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-installServerFeatures.adoc Install features for a server, including custom user features, by specifying the Maven coordinates for a features BOM. The `` should be the Open Liberty server version. ```bash featureUtility installServerFeatures myserver --featuresBom=my.user.features:myBOM: ``` -------------------------------- ### Create server with a template Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-create.adoc This example demonstrates how to create a server using a specific template, such as `jakartaee10`. Templates pre-configure features and settings for particular programming models. ```bash server create myServer --template=jakartaee10 ``` -------------------------------- ### SECURITY_AUDIT_MGMT Event Example (AuditFileHandler Start) Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-log-events-list.adoc This JSON object represents a SECURITY_AUDIT_MGMT event, specifically capturing the start of an AuditFileHandler. It includes details about the host, server, timestamp, and the outcome of the handler start. ```json { "type":"liberty_audit", "host":"sage.xyz.com", ``` -------------------------------- ### SECURITY_AUDIT_MGMT Event Example (Audit Service Start) Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-log-events-list.adoc This JSON object represents a SECURITY_AUDIT_MGMT event, specifically capturing the start of the Audit Service. It includes details about the host, server, timestamp, and the outcome of the service start. ```json { "type":"liberty_audit", "host":"sage.xyz.com", "ibm_userDir":"\/opt\/ol\/wlp\/usr\/", "ibm_serverName":"TestServer.audit", "ibm_datetime":"2018-07-10T16:15:35.110-0400", "ibm_sequence":"1536171863908_0000000000001", "ibm_threadId":"00000013", "ibm_audit_eventName":"SECURITY_AUDIT_MGMT", "ibm_audit_eventSequenceNumber":"0", "ibm_audit_eventTime":"2018-07-10T16:15:34.339-0400", "ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_observer.name":"AuditService", "ibm_audit_observer.typeURI":"service\/server", "ibm_audit_outcome":"success", "ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_target.typeURI":"service\/audit\/start" } ``` -------------------------------- ### Servlet with DataSource Injection and Load-on-Startup Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton-limitations.adoc A Servlet example that injects a DataSource and is configured to load on startup. This can lead to early injection issues with InstantOn. ```java @WebServlet(urlPatterns = "/ExampleServlet", loadOnStartup = 1) public class ExampleServlet extends HttpServlet { @Resource(shareable = false) private DataSource exampleDataSource; ... } ``` -------------------------------- ### SECURITY_AUDIT_MGMT Event - Audit Service Start Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc Example of a SECURITY_AUDIT_MGMT event capturing the start of the audit service. This event is generated by the Open Liberty Audit feature. ```json { "eventName":"SECURITY_AUDIT_MGMT", "eventSequenceNumber":"0", "eventTime":"2018-07-10 12:15:34.339", "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"AuditService", "typeURI":"service/server" }, "outcome":"success", "target": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "typeURI":"service/audit/start" } } ``` -------------------------------- ### Dockerfile for InstantOn Image with Podman Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton.adoc This Dockerfile example demonstrates how to build an InstantOn application container image using Podman. It specifies the base image, copies server configuration, and includes the checkpoint.sh script as the last RUN instruction to capture application process state. ```dockerfile FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi # Add a Liberty server configuration that includes all necessary features COPY --chown=1001:0 server.xml /config/ # This script adds the requested XML snippets to enable Liberty features and grow the image to be fit-for-purpose. ``` -------------------------------- ### ACME Service Keystore Installation Error Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/troubleshooting.adoc Example error message when the ACME service fails to install a certificate into the keystore, potentially due to the keystore not being present. ```log CWPKI2030E: The ACME service could not install a certificate under the default alias into the defaultKeyStore keystore. The error is 'The keystore [defaultKeyStore] is not present in the configuration'. ``` -------------------------------- ### SECURITY_AUDIT_MGMT Event - Audit File Handler Start Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc Example of a SECURITY_AUDIT_MGMT event capturing the start of an audit file handler. This event is generated by the Open Liberty Audit feature. ```json { "eventName":"SECURITY_AUDIT_MGMT", "eventSequenceNumber":"1", "eventTime":"2018-07-10 12:15:34.471", "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"AuditHandler:AuditFileHandler", "typeURI":"service/server" }, "outcome":"success", "target": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "typeURI":"service/audit/start" } } ``` -------------------------------- ### Display help for installFeature action Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-help.adoc Use this command to get detailed help for a specific `featureUtility` action, such as `installFeature`. Ensure you are in the `_path_to_liberty_/wlp/bin` directory when running. ```shell featureUtility help installFeature ``` -------------------------------- ### Dockerfile for InstantOn Image (No Checkpoint Script) Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton.adoc This Dockerfile example sets up the base image for an InstantOn application. It uses a slim Open Liberty image and does not include the checkpoint script, suitable for the first step of a three-step build process. ```dockerfile FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi ``` -------------------------------- ### Feature Utility Install Command Failure Example Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-commands.adoc Illustrates the output when `useDefaultRepository=false` is set and a custom repository cannot be reached during a `featureUtility install` command. The command fails with an error instead of attempting to use Maven Central. ```text > featureUtility install mpHealth-2.2 Initializing ... Using 8 threads to download artifacts. http://alt.mycomp.com/maven2 cannot be connected <---------------------> 0.00% com.ibm.ws.install.InstallException: CWWKF1248E: One of the repositories that is specified in the configuration cannot be reached. Verify that your computer has network access and firewalls are configured correctly, then try the action again. If the connection still fails, the repository server might be temporarily unavailable. ``` -------------------------------- ### Register WriteListener for Asynchronous Write Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/async-io.adoc This service method demonstrates the initial setup for asynchronous write operations. It starts the asynchronous context and registers a WriteListener with the ServletOutputStream. ```java @Override protected void service(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { req.startAsync(); res.getOutputStream().setWriteListener(new SampleWriteListener(req, res, 200)); } ``` -------------------------------- ### Display help for the server command Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-help.adoc Use this command to view general help information for the `server` command. No setup or imports are required. ```sh server help ``` -------------------------------- ### General securityUtility help syntax Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-help.adoc This is the general syntax for running the `securityUtility help` command. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. Replace `_actionName_` with the specific action you need help with. ```shell securityUtility help _actionName_ ``` -------------------------------- ### Basic server.xml Configuration Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/config/server-configuration-overview.adoc This example configures the server to support the JavaServer Pages 2.3 feature, sets the HTTP port to 9080, and enables automatic expansion of WAR files. ```xml jsp-2.3 ``` -------------------------------- ### Configure transaction recovery at server startup Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/transaction-service.adoc Use the `transaction` element in `server.xml` to configure transaction recovery. Setting `recoverOnStartup` to `true` ensures recovery occurs when the server starts, rather than when the service is first used. This example also sets transaction lifetime timeouts and disables heuristic retry. ```xml ``` -------------------------------- ### EJB Authorization Event Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc Example of a successful EJB authorization audit event. ```APIDOC ## POST /api/audit/ejb/authorization ### Description This endpoint provides details for a successful EJB authorization event. ### Method POST ### Endpoint /api/audit/ejb/authorization ### Request Body ```json { "eventName":"SECURITY_AUTHZ", "eventSequenceNumber":"5", "eventTime":"2018-07-16 10:37:56.719", "initiator": { "host": { "address":"127.0.0.1", "agent":"Apache-HttpClient/4.1.2 (java 1.5)" } }, "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"SecurityService", "typeURI":"service/server" }, "outcome":"success", "reason": { "reasonCode":"200", "reasonType":"EJB Permit All" }, "target": { "appname":"securityejb", "credential": { "token":"user2", "type":"BASIC" }, "ejb": { "beanname":"SecurityEJBA01Bean", "method": { "interface":"Local", "signature":"runAsSpecified:" }, "module": { "name":"SecurityEJB.jar" } }, "host": { "address":"127.0.0.1:8010" }, "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "method":"runAsSpecified", "name":"/securityejb/SimpleServlet", "params":"testInstance=ejb01&testMethod=runAsSpecified", "realm":"BasicRealm", "session":"NNLU_QCIGIOPHhKLWY1BxVJ", "typeURI":"service/application/web" } } ``` ### Response #### Success Response (200) - **event** (object) - The audit event details. #### Response Example ```json { "event": { "eventName":"SECURITY_AUTHZ", "eventSequenceNumber":"5", "eventTime":"2018-07-16 10:37:56.719", "initiator": { "host": { "address":"127.0.0.1", "agent":"Apache-HttpClient/4.1.2 (java 1.5)" } }, "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"SecurityService", "typeURI":"service/server" }, "outcome":"success", "reason": { "reasonCode":"200", "reasonType":"EJB Permit All" }, "target": { "appname":"securityejb", "credential": { "token":"user2", "type":"BASIC" }, "ejb": { "beanname":"SecurityEJBA01Bean", "method": { "interface":"Local", "signature":"runAsSpecified:" }, "module": { "name":"SecurityEJB.jar" } }, "host": { "address":"127.0.0.1:8010" }, "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "method":"runAsSpecified", "name":"/securityejb/SimpleServlet", "params":"testInstance=ejb01&testMethod=runAsSpecified", "realm":"BasicRealm", "session":"NNLU_QCIGIOPHhKLWY1BxVJ", "typeURI":"service/application/web" } } } ``` ``` -------------------------------- ### WEB Authorization Event Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc Example of a successful WEB authorization audit event. ```APIDOC ## POST /api/audit/web/authorization ### Description This endpoint provides details for a successful WEB authorization event. ### Method POST ### Endpoint /api/audit/web/authorization ### Request Body ```json { "eventName":"SECURITY_AUTHZ", "eventSequenceNumber":"4", "eventTime":"2018-07-16 10:37:56.259", "initiator": { "host": { "address":"127.0.0.1", "agent":"Apache-HttpClient/4.1.2 (java 1.5)" } }, "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"SecurityService", "typeURI":"service/server" }, "outcome":"success", "reason": { "reasonCode":"200", "reasonType":"HTTP" }, "target": { "appname":"SecurityEJBServlet", "credential": { "token":"user2", "type":"BASIC" }, "host": { "address":"127.0.0.1:8010" }, "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "method":"GET", "name":"/securityejb/SimpleServlet", "params":"testInstance=ejb01&testMethod=runAsSpecified", "realm":"BasicRealm", "role": { "names":"[AllAuthenticated]" }, "session":"NNLU_QCIGIOPHhKLWY1BxVJ", "typeURI":"service/application/web" } } ``` ### Response #### Success Response (200) - **event** (object) - The audit event details. #### Response Example ```json { "event": { "eventName":"SECURITY_AUTHZ", "eventSequenceNumber":"4", "eventTime":"2018-07-16 10:37:56.259", "initiator": { "host": { "address":"127.0.0.1", "agent":"Apache-HttpClient/4.1.2 (java 1.5)" } }, "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"SecurityService", "typeURI":"service/server" }, "outcome":"success", "reason": { "reasonCode":"200", "reasonType":"HTTP" }, "target": { "appname":"SecurityEJBServlet", "credential": { "token":"user2", "type":"BASIC" }, "host": { "address":"127.0.0.1:8010" }, "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "method":"GET", "name":"/securityejb/SimpleServlet", "params":"testInstance=ejb01&testMethod=runAsSpecified", "realm":"BasicRealm", "role": { "names":"[AllAuthenticated]" }, "session":"NNLU_QCIGIOPHhKLWY1BxVJ", "typeURI":"service/application/web" } } } ``` ``` -------------------------------- ### Create a server named myserver Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-create.adoc Use this command to create a new Open Liberty server instance with a specific name. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. ```bash server create myserver ``` -------------------------------- ### Start server in debug mode with variables Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-debug.adoc Starts the specified Open Liberty server in debug mode and sets a variable. Variables set on the command line override all other sources and cannot be changed after the server starts. ```shell server debug myserver -- --variable_name=variable_value ``` -------------------------------- ### Display help for createSSLCertificate action Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-help.adoc Use this command to get help information for a specific `securityUtility` action, such as `createSSLCertificate`. ```shell securityUtility help createSSLCertificate ``` -------------------------------- ### Outbound Response Code Examples Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/jmx-metrics-list.adoc Examples of using the `getTotalOutboundResponses` method for various HTTP status codes. ```APIDOC ## Outbound Response Code Metrics This section details how to retrieve counts for specific outbound HTTP response status codes using the `getTotalOutboundResponses` method. ### Number of outbound 408 (Request Timeout) responses `getTotalOutboundResponses(appName, "408");` *Application* The number of outbound 408 (Request Timeout) responses that belong to each application. ### Number of outbound 410 (Gone) responses `getTotalOutboundResponses(appName, "410");` *Application* The number of outbound 410 (Gone) responses that belong to each application. ### Number of outbound 413 (Request Entity Too Large) responses `getTotalOutboundResponses(appName, "413");` *Application* The number of outbound 413 (Request Entity Too Large) responses that belong to each application. ### Number of outbound 414 (Request URI Too Long) responses `getTotalOutboundResponses(appName, "414");` *Application* The number of outbound 414 (Request URI Too Long) responses that belong to each application. ### Number of outbound 415 (Unsupported Media Type) responses `getTotalOutboundResponses(appName, "415");` *Application* The number of outbound 415 (Unsupported Media Type) responses that belong to each application. ### Number of outbound 416 (Unsupported URI Scheme) responses `getTotalOutboundResponses(appName, "416");` *Application* The number of outbound 416 (Unsupported URI Scheme) responses that belong to each application. ### Number of outbound 420 (Bad Extension) responses `getTotalOutboundResponses(appName, "420");` *Application* The number of outbound 420 (Bad Extension) responses that belong to each application. ### Number of outbound 421 (Extension Required) responses `getTotalOutboundResponses(appName, "421");` *Application* The number of outbound 421 (Extension Required) responses that belong to each application. ### Number of outbound 423 (Interval Too Brief) responses `getTotalOutboundResponses(appName, "423");` *Application* The number of outbound 423 (Interval Too Brief) responses that belong to each application. ### Number of outbound 480 (Temporarily Unavailable) responses `getTotalOutboundResponses(appName, "480");` *Application* The number of outbound 480 (Temporarily Unavailable) responses that belong to each application. ### Number of outbound 481 (Call Leg Done) responses `getTotalOutboundResponses(appName, "481");` *Application* The number of outbound 481 (Call Leg Done) responses that belong to each application. ### Number of outbound 482 (Loop Detected) responses `getTotalOutboundResponses(appName, "482");` *Application* The number of outbound 482 (Loop Detected) responses that belong to each application. ### Number of outbound 483 (Too Many Hops) responses `getTotalOutboundResponses(appName, "483");` *Application* The number of outbound 483 (Too Many Hops) responses that belong to each application. ### Number of outbound 484 (Address Incomplete) responses `getTotalOutboundResponses(appName, "484");` *Application* The number of outbound 484 (Address Incomplete) responses that belong to each application. ### Number of outbound 485 (Ambiguous) responses `getTotalOutboundResponses(appName, "485");` *Application* The number of outbound 485 (Ambiguous) responses that belong to each application. ### Number of outbound 486 (Busy Here) responses `getTotalOutboundResponses(appName, "486");` *Application* The number of outbound 486 (Busy Here) responses that belong to each application. ### Number of outbound 487 (Request Terminated) responses `getTotalOutboundResponses(appName, "487");` *Application* The number of outbound 487 (Request Terminated) responses that belong to each application. ### Number of outbound 488 (Not Acceptable Here) responses `getTotalOutboundResponses(appName, "488");` *Application* The number of outbound 488 (Not Acceptable Here) responses that belong to each application. ### Number of outbound 491 (Request Pending) responses `getTotalOutboundResponses(appName, "491");` *Application* The number of outbound 491 (Request Pending) responses that belong to each application. ### Number of outbound 493 (Undecipherable) responses `getTotalOutboundResponses(appName, "493");` *Application* The number of outbound 493 (Undecipherable) responses that belong to each application. ### Number of outbound 500 (Server Internal Error) responses `getTotalOutboundResponses(appName, "500");` *Application* The number of outbound 500 (Server Internal Error) responses that belong to each application. ### Number of outbound 501 (Not Implemented) responses `getTotalOutboundResponses(appName, "501");` *Application* The number of outbound 501 (Not Implemented) responses that belong to each application. ### Number of outbound 502 (Bad Gateway) responses `getTotalOutboundResponses(appName, "502");` *Application* The number of outbound 502 (Bad Gateway) responses that belong to each application. ### Number of outbound 503 (Service Unavailable) responses `getTotalOutboundResponses(appName, "503");` *Application* The number of outbound 503 (Service Unavailable) responses that belong to each application. ### Number of outbound 504 (Server Timeout) responses `getTotalOutboundResponses(appName, "504");` *Application* The number of outbound 504 (Server Timeout) responses that belong to each application. ### Number of outbound 505 (Version Not Supported) responses `getTotalOutboundResponses(appName, "505");` *Application* The number of outbound 505 (Version Not Supported) responses that belong to each application. ### Number of outbound 513 (Message Too Large) responses `getTotalOutboundResponses(appName, "513");` *Application* The number of outbound 513 (Message Too Large) responses that belong to each application. ### Number of outbound 600 responses `getTotalOutboundResponses(appName, "600");` *Application* ``` -------------------------------- ### Display help for a specific server action Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-help.adoc To get detailed help for a specific action, such as `create`, append the action name to the `server help` command. This is useful for understanding the parameters and usage of individual server actions. ```sh server help create ``` -------------------------------- ### User Lookup Action Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-log-events-list.adoc Example of an audit log entry for a SECURITY_MEMBER_MGMT user lookup action. ```APIDOC ## User Lookup Action Example ### Description This example demonstrates an audit log entry for a `SECURITY_MEMBER_MGMT` user lookup action, showing the detailed fields captured. ### Request Example ```json { "type":"liberty_audit", "host":"sage.xyz.com", "ibm_userDir":"\/opt\/ol\/wlp\/usr\/", "ibm_serverName":"scim.custom.repository.audit", "ibm_datetime":"2018-07-24T14:59:82.433-0400", "ibm_sequence":"1536329056532_0000000000048", "ibm_threadId":"000000a5", "ibm_audit_eventName":"SECURITY_MEMBER_MGMT", "ibm_audit_eventSequenceNumber":"14", "ibm_audit_eventTime":"2018-07-24T14:58:45.343-0400", "ibm_audit_initiator.host.address":"127.0.0.1", "ibm_audit_initiator.host.agent":"Java\/1.8.0", "ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:scim.custom.repository.audit", "ibm_audit_observer.name":"SecurityService", "ibm_audit_observer.typeURI":"service\/server", "ibm_audit_outcome":"success", "ibm_audit_reason.reasonCode":"200", "ibm_audit_reason.reasonType":"HTTPS", "ibm_audit_target.action":"get", "ibm_audit_target.appname":"RESTProxyServlet", "ibm_audit_target.credential.token":"adminUser", "ibm_audit_target.credential.type":"BASIC", "ibm_audit_target.entityType":"PersonAccount", "ibm_audit_target.host.address":"127.0.0.1:63571", "ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:scim.custom.repository.audit", "ibm_audit_target.method":"POST", "ibm_audit_target.name":"\/ibm\/api\/scim\/Users", "ibm_audit_target.realm":"sampleCustomRepositoryRealm", "ibm_audit_target.repositoryId":"sampleCustomRepository", "ibm_audit_target.session":"myQz9fZu2ZUW0nEUWvEaiQC", "ibm_audit_target.typeURI":"service\/vmmservice\/get", "ibm_audit_target.uniqueName":"cn=usertemp,o=ibm,c=us" } ``` ``` -------------------------------- ### Display help for springBootUtility Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/springbootUtility-help.adoc Use this command to display general help information for the springBootUtility command. ```bash springBootUtility help ``` -------------------------------- ### SECURITY_SAF_AUTHZ Event Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc Example JSON payload for a successful SECURITY_SAF_AUTHZ event, detailing SAF authorization. ```json { "eventName": "SECURITY_SAF_AUTHZ", "eventSequenceNumber": "4", "eventTime": "2019-04-29T19:45:16.161+0000", "observer": { "id": "websphere: sage.xyz.com:/opt/ol/wlp/usr/:TestServer.audit", "name": "SecurityService", "typeURI": "service/server" }, "outcome": "success", "target": { "access": { "level": "READ" }, "applid": "BBGZDFLT", "authorization": { "decision": "true" }, "credential": { "token": "WSGUEST" }, "id": "websphere: sage.xyz.com:/opt/ol/wlp/usr/:TestServer.audit", "racf": { "reason": { "code": "0" }, "return": { "code": "0" } }, "saf": { "class": "EJBROLE", "profile": "BBGZDFLT.AUTHSERV", "return": { "code": "0" } }, "typeURI": "service/application/web", "user": { "security": { "name": "WSGUEST" } } } } ``` -------------------------------- ### springBootUtility help command syntax Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/springbootUtility-help.adoc The syntax for displaying help information for a specific action. Replace _actionName_ with the desired action. ```bash springBootUtility help _actionName_ ``` -------------------------------- ### SECURITY_JMS_AUTHZ Event Example Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc Example JSON payload for a successful SECURITY_JMS_AUTHZ event, detailing JMS messaging authorization. ```json { "eventName":"SECURITY_JMS_AUTHZ", "eventSequenceNumber":"11", "eventTime":"2018-07-19 14:33:51.247 EDT", "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"JMSMessagingImplementation", "typeURI":"service/server" }, "outcome":"success", "reason": { "reasonCode":"200", "reasonType":"JMS" }, "target": { "credential": { "token":"validUser", "type":"BASIC" }, "host": { "address":"127.0.0.1:53166" }, "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "messaging": { "busname":"defaultBus", "callType":"remote", "destination":"BANK", "engine":"defaultME", "jmsActions":"[BROWSE, SEND, RECEIVE]", "jmsResource":"queue", "operationType":"SEND", "remote": { "chainName":"InboundBasicMessaging" } }, "realm":"customRealm", "typeURI":"service/jms/messagingResource" } } ``` -------------------------------- ### Syntax for Server Keystore Creation Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-createSSLCertificate.adoc This syntax is used to create a keystore and certificate for an Open Liberty server. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. ```sh securityUtility createSSLCertificate --server=_serverName_ --password=_pwd_ [_options_] ``` -------------------------------- ### Syntax for Client Keystore Creation Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-createSSLCertificate.adoc This syntax is used to create a keystore and certificate for an Open Liberty client. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. ```sh securityUtility createSSLCertificate --client=_clientName_ --password=_pwd_ [_options_] ``` -------------------------------- ### Configure basic user registry with QuickStart security Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/feature/appSecurity/examples.adoc Use quickStartSecurity for test purposes to automatically configure a registry that grants the administrator role to a user. This is not intended for production environments. ```xml ``` -------------------------------- ### Install Logstash Collector Feature Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/forwarding-logs-logstash.adoc Install the Logstash Collector feature using the featureUtility command if it is not already present on your server. ```shell d:\wlp\bin\featureUtility installFeature logstashCollector-1.0 ``` -------------------------------- ### View featureUtility settings Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-viewSettings.adoc Run this command from the `_path_to_liberty_/wlp/bin` directory to view the configured repository and proxy settings. ```shell featureUtility viewSettings [_option_] ``` -------------------------------- ### Start server in debug mode Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-debug.adoc Starts the specified Open Liberty server in debug mode. The default debug port is 7777. ```shell server debug myserver ``` -------------------------------- ### Display help for a featureUtility action Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-help.adoc This is the general syntax for displaying help for any `featureUtility` action. Replace `_actionName_` with the specific action you need information about. Run this command from the `_path_to_liberty_/wlp/bin` directory. ```shell featureUtility help _actionName_ ``` -------------------------------- ### Example JWKS document structure Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-web-token.adoc A JWKS document contains a set of keys. This example shows a single RSA key used for signature. ```json { "keys": [ { "kty": "RSA", "e": "AQAB", "use": "sig", "kid": "lYQxCgL6-n7usn_xm5jtY_DsN4V2D0r0lqqhcE6qaVE", "alg": "RS256", "n": "6OJVoJz......xwPVE" } ] } ``` -------------------------------- ### Run InstantOn application with Podman Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton.adoc Launches an InstantOn application container using Podman with necessary capabilities and port mapping. This command is used for initial setup and optimization. ```sh podman run \ --rm \ --cap-add=CHECKPOINT_RESTORE \ --cap-add=NET_ADMIN \ --cap-add=SYS_PTRACE \ --security-opt seccomp=criuRequiredSysCalls.json \ -p 9080:9080 \ liberty-app-instanton ``` -------------------------------- ### Start Infinispan Server on OpenShift Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/configuring-infinispan-support.adoc This command deploys an Infinispan server instance on OpenShift, mapping the specified user and password to environment variables that can be used for authentication. ```bash oc new-app --docker-image=infinispan/server --name=infinispan-server -e USER="sampleUser" -e PASS="samplePassword" ``` -------------------------------- ### featureUtility installServerFeatures Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-installServerFeatures.adoc The `featureUtility installServerFeatures` command installs the required features that are listed in the `server.xml` file of a server. It can install both versioned and versionless features. ```APIDOC ## featureUtility installServerFeatures ### Description Installs the required features for a specified Open Liberty server based on its `server.xml` configuration. ### Method N/A (This is a command-line utility) ### Endpoint N/A (This is a command-line utility) ### Parameters #### Path Parameters - **_serverName_** (string) - Required - The name of the server to run the command against. #### Query Parameters N/A #### Request Body N/A ### Options .Options for the featureUtility installServerFeatures command [%header,cols=2*] |=== |Option |Description |--acceptLicense |Accepts the license agreement for the feature if the feature has a different license from the Liberty server into which it's installed. |--featuresBom |Specifies the Maven coordinates for a features BOM file. Use this option to install custom user features from a Maven repository. Ensure that the repository also contains the associated features JSON file in the same group ID as the BOM. |--noCache |Specifies that features that are installed from a remote repository, such as Maven Central, aren't cached locally. |--verbose |Displays additional debug information while the action runs. |--verify=_verify_ a|Specifies how features must be verified during a process or an installation. Supported values are `enforce`, `skip`, `all`, and `warn`. If this option is not specified, the default value is `enforce`. * `enforce`: Verifies the signatures of all Liberty features except for user features. It checks the integrity and authenticity of the features that are provided by the Liberty framework. * `skip`: Choosing this option skips the verification process altogether. No feature signatures are downloaded or checked. It expedites the installation process but must be used with caution, as it bypasses an important security step. * `all`: Verifies both the Liberty features and the user features. The features that are provided by the Liberty framework and any additional user features or components are checked for integrity. * `warn`: Similar to the `all` option, warn also verifies both the Liberty features and user features. This option allows the process to continue, even if some feature signatures cannot be validated. A verification failure does not immediately end the installation process, but it results in a warning message. |--to |Specify the extension location to install user features. If this option is not specified, the feature is installed to default `{wlp.install.dir}/usr/extension` directory. |=== ### Request Example ```bash featureUtility installServerFeatures myserver ``` ```bash featureUtility installServerFeatures myserver --featuresBom=my.user.features:myBOM: ``` ### Response N/A (This is a command-line utility, output is via standard output/error) ### Exit Codes .Exit codes for the featureUtility installServerFeatures command [%header,cols="2,9"] |=== |Code |Explanation |0 |OK. 0 indicates successful completion of the requested operation. |20 |20 indicates that one or more arguments are not valid. |21 |21 indicates that a runtime exception occurred because of one or more of the following conditions: - A runtime exception occurred during the installation of the `.esa` subsystem archive file. - A license is not accepted or acknowledged. - The `.esa` subsystem archive file did not extract correctly. |22 |22 indicates that feature to be installed already exists. |23 |23 indicates that the feature definition was not valid for one or more of the following reasons: - The feature does not have a valid manifest file. - The version of the feature is not supported in this Open Liberty environment. - The `.zip` or `.jar` file that contains the feature files does not exist. |24 |24 indicates that the `.esa` subsystem archive file is missing content. |25 |25 indicates that an I/O exception occurred during the installation of the `.esa` subsystem archive file. |=== ```