### Kerberos Configuration File Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/configuring-spnego-authentication.adoc
This is an example of a Kerberos configuration file. Ensure encryption types are consistent across your Kerberos setup.
```ini
[libdefaults]
default_realm = MYDOMAIN.EXAMPLE.COM
default_keytab_name = FILE:c:\windows\krb5.keytab
default_tkt_enctypes = rc4-hmac aes256-cts-hmac-sha1-96
default_tgs_enctypes = rc4-hmac aes256-cts-hmac-sha1-96
[realms]
MYDOMAIN.EXAMPLE.COM= {
kdc = host1.example.com:88
default_domain = example.com
}
[domain_realm]
.example.com = MYDOMAIN.EXAMPLE.COM
```
--------------------------------
### Install server features
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-installServerFeatures.adoc
Use this command to install the required features for a specified server. Ensure you are in the `_path_to_liberty_/wlp/bin` directory.
```bash
featureUtility installServerFeatures myserver
```
--------------------------------
### Server start command syntax
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-start.adoc
The general syntax for the `server start` command. Run this command from the `_path_to_liberty_/wlp/bin` directory. If no server name is provided, `defaultServer` is used.
```bash
server start _serverName_ [_options_]
```
--------------------------------
### MongoDB Configuration Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/config/server-configuration-overview.adoc
Example of configuring MongoDB connection details using variables for ports and hosts.
```xml
```
--------------------------------
### List Servers in Open Liberty Installation
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-list.adoc
Use this command to view all servers defined in your Open Liberty installation. Ensure you are in the `wlp/bin` directory.
```shell
server list
```
--------------------------------
### Start the Open Liberty Server
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/data-definition-language-generation.adoc
Command to start the Open Liberty server. Replace with your server's name.
```bash
./bin/server start
```
--------------------------------
### Detect Transaction Start Before Checkpoint
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton-limitations.adoc
This Servlet example uses `loadOnStartup = 1` which can cause a transaction to begin before the InstantOn checkpoint, leading to a WTRN0155W warning and a checkpoint failure (WTRN0154E). Avoid this by using `beforeAppStart` or removing `loadOnStartup`.
```java
@WebServlet(urlPatterns = { "/StartupServlet" }, loadOnStartup = 1)
public class StartupServlet extends HttpServlet {
@Override
public void init() {
UserTransaction ut = UserTransactionFactory.getUserTransaction();
try {
ut.begin();
...
ut.commit();
} catch (Exception e) {
// something went wrong
}
}
}
```
--------------------------------
### Install Admin Center Feature
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/admin-center.adoc
Install the Admin Center feature using the featureUtility command. Ensure you are in the `_path_to_liberty_/wlp/bin` directory.
```sh
featureUtility installFeature adminCenter-1.0
```
--------------------------------
### Start Open Liberty server with variables
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-start.adoc
Start a specified Open Liberty server in the background while defining a variable. Variables set this way override all other sources and cannot be changed after the server starts. Ensure `--` precedes the variable definition.
```bash
server start myserver -- --variable_name=variable_value
```
--------------------------------
### Start Open Liberty server in background
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-start.adoc
Use this command to start a specified Open Liberty server in the background. The server's output will be logged to `WLP_OUTPUT_DIR/serverName/logs/console.log`.
```bash
server start myserver
```
--------------------------------
### Skopeo Inspect Output Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/container-images.adoc
This is an example of the output you can expect when inspecting an Open Liberty image for its version. The `` placeholder indicates where the specific version number would appear.
```json
"io.openliberty.version": "",
"liberty.version": ""
```
--------------------------------
### Start Open Liberty server as a Windows service
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/windows-service.adoc
Use this command to start an Open Liberty server that has been registered as a Windows service. Replace `serverName` with the name of the service.
```shell
server startWinService myserver
```
--------------------------------
### Start Dev Mode with Container Support
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/development-mode.adoc
Commands to start dev mode with container support. This compiles your application, builds the development image, and runs the server within a container, minimizing differences between development and production environments.
```bash
mvn liberty:devc
```
```bash
gradle libertyDevc
```
--------------------------------
### Start Open Liberty server with variable
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-run.adoc
This command starts the `myserver` Open Liberty server in the foreground and sets a specific variable. The `--` separator is required before specifying variables.
```shell
server run myserver -- --variable_name=variable_value
```
--------------------------------
### Install server features with custom user features
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-installServerFeatures.adoc
Install features for a server, including custom user features, by specifying the Maven coordinates for a features BOM. The `` should be the Open Liberty server version.
```bash
featureUtility installServerFeatures myserver --featuresBom=my.user.features:myBOM:
```
--------------------------------
### Create server with a template
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-create.adoc
This example demonstrates how to create a server using a specific template, such as `jakartaee10`. Templates pre-configure features and settings for particular programming models.
```bash
server create myServer --template=jakartaee10
```
--------------------------------
### SECURITY_AUDIT_MGMT Event Example (AuditFileHandler Start)
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-log-events-list.adoc
This JSON object represents a SECURITY_AUDIT_MGMT event, specifically capturing the start of an AuditFileHandler. It includes details about the host, server, timestamp, and the outcome of the handler start.
```json
{
"type":"liberty_audit",
"host":"sage.xyz.com",
```
--------------------------------
### SECURITY_AUDIT_MGMT Event Example (Audit Service Start)
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-log-events-list.adoc
This JSON object represents a SECURITY_AUDIT_MGMT event, specifically capturing the start of the Audit Service. It includes details about the host, server, timestamp, and the outcome of the service start.
```json
{
"type":"liberty_audit",
"host":"sage.xyz.com",
"ibm_userDir":"\/opt\/ol\/wlp\/usr\/",
"ibm_serverName":"TestServer.audit",
"ibm_datetime":"2018-07-10T16:15:35.110-0400",
"ibm_sequence":"1536171863908_0000000000001",
"ibm_threadId":"00000013",
"ibm_audit_eventName":"SECURITY_AUDIT_MGMT",
"ibm_audit_eventSequenceNumber":"0",
"ibm_audit_eventTime":"2018-07-10T16:15:34.339-0400",
"ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit",
"ibm_audit_observer.name":"AuditService",
"ibm_audit_observer.typeURI":"service\/server",
"ibm_audit_outcome":"success",
"ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit",
"ibm_audit_target.typeURI":"service\/audit\/start"
}
```
--------------------------------
### Servlet with DataSource Injection and Load-on-Startup
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton-limitations.adoc
A Servlet example that injects a DataSource and is configured to load on startup. This can lead to early injection issues with InstantOn.
```java
@WebServlet(urlPatterns = "/ExampleServlet", loadOnStartup = 1)
public class ExampleServlet extends HttpServlet {
@Resource(shareable = false)
private DataSource exampleDataSource;
...
}
```
--------------------------------
### SECURITY_AUDIT_MGMT Event - Audit Service Start
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc
Example of a SECURITY_AUDIT_MGMT event capturing the start of the audit service. This event is generated by the Open Liberty Audit feature.
```json
{
"eventName":"SECURITY_AUDIT_MGMT",
"eventSequenceNumber":"0",
"eventTime":"2018-07-10 12:15:34.339",
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"AuditService",
"typeURI":"service/server"
},
"outcome":"success",
"target": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"typeURI":"service/audit/start"
}
}
```
--------------------------------
### Dockerfile for InstantOn Image with Podman
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton.adoc
This Dockerfile example demonstrates how to build an InstantOn application container image using Podman. It specifies the base image, copies server configuration, and includes the checkpoint.sh script as the last RUN instruction to capture application process state.
```dockerfile
FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi
# Add a Liberty server configuration that includes all necessary features
COPY --chown=1001:0 server.xml /config/
# This script adds the requested XML snippets to enable Liberty features and grow the image to be fit-for-purpose.
```
--------------------------------
### ACME Service Keystore Installation Error
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/troubleshooting.adoc
Example error message when the ACME service fails to install a certificate into the keystore, potentially due to the keystore not being present.
```log
CWPKI2030E: The ACME service could not install a certificate under the default alias into the defaultKeyStore keystore. The error is 'The keystore [defaultKeyStore] is not present in the configuration'.
```
--------------------------------
### SECURITY_AUDIT_MGMT Event - Audit File Handler Start
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc
Example of a SECURITY_AUDIT_MGMT event capturing the start of an audit file handler. This event is generated by the Open Liberty Audit feature.
```json
{
"eventName":"SECURITY_AUDIT_MGMT",
"eventSequenceNumber":"1",
"eventTime":"2018-07-10 12:15:34.471",
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"AuditHandler:AuditFileHandler",
"typeURI":"service/server"
},
"outcome":"success",
"target": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"typeURI":"service/audit/start"
}
}
```
--------------------------------
### Display help for installFeature action
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-help.adoc
Use this command to get detailed help for a specific `featureUtility` action, such as `installFeature`. Ensure you are in the `_path_to_liberty_/wlp/bin` directory when running.
```shell
featureUtility help installFeature
```
--------------------------------
### Dockerfile for InstantOn Image (No Checkpoint Script)
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton.adoc
This Dockerfile example sets up the base image for an InstantOn application. It uses a slim Open Liberty image and does not include the checkpoint script, suitable for the first step of a three-step build process.
```dockerfile
FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi
```
--------------------------------
### Feature Utility Install Command Failure Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-commands.adoc
Illustrates the output when `useDefaultRepository=false` is set and a custom repository cannot be reached during a `featureUtility install` command. The command fails with an error instead of attempting to use Maven Central.
```text
> featureUtility install mpHealth-2.2
Initializing ...
Using 8 threads to download artifacts.
http://alt.mycomp.com/maven2 cannot be connected
<---------------------> 0.00%
com.ibm.ws.install.InstallException: CWWKF1248E: One of the repositories that is specified in the configuration cannot be reached. Verify that your computer has network access and firewalls are configured correctly, then try the action again. If the connection still fails, the repository server might be temporarily unavailable.
```
--------------------------------
### Register WriteListener for Asynchronous Write
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/async-io.adoc
This service method demonstrates the initial setup for asynchronous write operations. It starts the asynchronous context and registers a WriteListener with the ServletOutputStream.
```java
@Override
protected void service(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
req.startAsync();
res.getOutputStream().setWriteListener(new SampleWriteListener(req, res, 200));
}
```
--------------------------------
### Display help for the server command
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-help.adoc
Use this command to view general help information for the `server` command. No setup or imports are required.
```sh
server help
```
--------------------------------
### General securityUtility help syntax
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-help.adoc
This is the general syntax for running the `securityUtility help` command. Ensure you are in the `_path_to_liberty_/wlp/bin` directory. Replace `_actionName_` with the specific action you need help with.
```shell
securityUtility help _actionName_
```
--------------------------------
### Basic server.xml Configuration
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/config/server-configuration-overview.adoc
This example configures the server to support the JavaServer Pages 2.3 feature, sets the HTTP port to 9080, and enables automatic expansion of WAR files.
```xml
jsp-2.3
```
--------------------------------
### Configure transaction recovery at server startup
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/transaction-service.adoc
Use the `transaction` element in `server.xml` to configure transaction recovery. Setting `recoverOnStartup` to `true` ensures recovery occurs when the server starts, rather than when the service is first used. This example also sets transaction lifetime timeouts and disables heuristic retry.
```xml
```
--------------------------------
### EJB Authorization Event Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc
Example of a successful EJB authorization audit event.
```APIDOC
## POST /api/audit/ejb/authorization
### Description
This endpoint provides details for a successful EJB authorization event.
### Method
POST
### Endpoint
/api/audit/ejb/authorization
### Request Body
```json
{
"eventName":"SECURITY_AUTHZ",
"eventSequenceNumber":"5",
"eventTime":"2018-07-16 10:37:56.719",
"initiator": {
"host": {
"address":"127.0.0.1",
"agent":"Apache-HttpClient/4.1.2 (java 1.5)"
}
},
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"SecurityService",
"typeURI":"service/server"
},
"outcome":"success",
"reason": {
"reasonCode":"200",
"reasonType":"EJB Permit All"
},
"target": {
"appname":"securityejb",
"credential": {
"token":"user2",
"type":"BASIC"
},
"ejb": {
"beanname":"SecurityEJBA01Bean",
"method": {
"interface":"Local",
"signature":"runAsSpecified:"
},
"module": {
"name":"SecurityEJB.jar"
}
},
"host": {
"address":"127.0.0.1:8010"
},
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"method":"runAsSpecified",
"name":"/securityejb/SimpleServlet",
"params":"testInstance=ejb01&testMethod=runAsSpecified",
"realm":"BasicRealm",
"session":"NNLU_QCIGIOPHhKLWY1BxVJ",
"typeURI":"service/application/web"
}
}
```
### Response
#### Success Response (200)
- **event** (object) - The audit event details.
#### Response Example
```json
{
"event": {
"eventName":"SECURITY_AUTHZ",
"eventSequenceNumber":"5",
"eventTime":"2018-07-16 10:37:56.719",
"initiator": {
"host": {
"address":"127.0.0.1",
"agent":"Apache-HttpClient/4.1.2 (java 1.5)"
}
},
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"SecurityService",
"typeURI":"service/server"
},
"outcome":"success",
"reason": {
"reasonCode":"200",
"reasonType":"EJB Permit All"
},
"target": {
"appname":"securityejb",
"credential": {
"token":"user2",
"type":"BASIC"
},
"ejb": {
"beanname":"SecurityEJBA01Bean",
"method": {
"interface":"Local",
"signature":"runAsSpecified:"
},
"module": {
"name":"SecurityEJB.jar"
}
},
"host": {
"address":"127.0.0.1:8010"
},
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"method":"runAsSpecified",
"name":"/securityejb/SimpleServlet",
"params":"testInstance=ejb01&testMethod=runAsSpecified",
"realm":"BasicRealm",
"session":"NNLU_QCIGIOPHhKLWY1BxVJ",
"typeURI":"service/application/web"
}
}
}
```
```
--------------------------------
### WEB Authorization Event Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc
Example of a successful WEB authorization audit event.
```APIDOC
## POST /api/audit/web/authorization
### Description
This endpoint provides details for a successful WEB authorization event.
### Method
POST
### Endpoint
/api/audit/web/authorization
### Request Body
```json
{
"eventName":"SECURITY_AUTHZ",
"eventSequenceNumber":"4",
"eventTime":"2018-07-16 10:37:56.259",
"initiator": {
"host": {
"address":"127.0.0.1",
"agent":"Apache-HttpClient/4.1.2 (java 1.5)"
}
},
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"SecurityService",
"typeURI":"service/server"
},
"outcome":"success",
"reason": {
"reasonCode":"200",
"reasonType":"HTTP"
},
"target": {
"appname":"SecurityEJBServlet",
"credential": {
"token":"user2",
"type":"BASIC"
},
"host": {
"address":"127.0.0.1:8010"
},
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"method":"GET",
"name":"/securityejb/SimpleServlet",
"params":"testInstance=ejb01&testMethod=runAsSpecified",
"realm":"BasicRealm",
"role": {
"names":"[AllAuthenticated]"
},
"session":"NNLU_QCIGIOPHhKLWY1BxVJ",
"typeURI":"service/application/web"
}
}
```
### Response
#### Success Response (200)
- **event** (object) - The audit event details.
#### Response Example
```json
{
"event": {
"eventName":"SECURITY_AUTHZ",
"eventSequenceNumber":"4",
"eventTime":"2018-07-16 10:37:56.259",
"initiator": {
"host": {
"address":"127.0.0.1",
"agent":"Apache-HttpClient/4.1.2 (java 1.5)"
}
},
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"SecurityService",
"typeURI":"service/server"
},
"outcome":"success",
"reason": {
"reasonCode":"200",
"reasonType":"HTTP"
},
"target": {
"appname":"SecurityEJBServlet",
"credential": {
"token":"user2",
"type":"BASIC"
},
"host": {
"address":"127.0.0.1:8010"
},
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"method":"GET",
"name":"/securityejb/SimpleServlet",
"params":"testInstance=ejb01&testMethod=runAsSpecified",
"realm":"BasicRealm",
"role": {
"names":"[AllAuthenticated]"
},
"session":"NNLU_QCIGIOPHhKLWY1BxVJ",
"typeURI":"service/application/web"
}
}
}
```
```
--------------------------------
### Create a server named myserver
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-create.adoc
Use this command to create a new Open Liberty server instance with a specific name. Ensure you are in the `_path_to_liberty_/wlp/bin` directory.
```bash
server create myserver
```
--------------------------------
### Start server in debug mode with variables
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-debug.adoc
Starts the specified Open Liberty server in debug mode and sets a variable. Variables set on the command line override all other sources and cannot be changed after the server starts.
```shell
server debug myserver -- --variable_name=variable_value
```
--------------------------------
### Display help for createSSLCertificate action
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-help.adoc
Use this command to get help information for a specific `securityUtility` action, such as `createSSLCertificate`.
```shell
securityUtility help createSSLCertificate
```
--------------------------------
### Outbound Response Code Examples
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/jmx-metrics-list.adoc
Examples of using the `getTotalOutboundResponses` method for various HTTP status codes.
```APIDOC
## Outbound Response Code Metrics
This section details how to retrieve counts for specific outbound HTTP response status codes using the `getTotalOutboundResponses` method.
### Number of outbound 408 (Request Timeout) responses
`getTotalOutboundResponses(appName, "408");`
*Application*
The number of outbound 408 (Request Timeout) responses that belong to each application.
### Number of outbound 410 (Gone) responses
`getTotalOutboundResponses(appName, "410");`
*Application*
The number of outbound 410 (Gone) responses that belong to each application.
### Number of outbound 413 (Request Entity Too Large) responses
`getTotalOutboundResponses(appName, "413");`
*Application*
The number of outbound 413 (Request Entity Too Large) responses that belong to each application.
### Number of outbound 414 (Request URI Too Long) responses
`getTotalOutboundResponses(appName, "414");`
*Application*
The number of outbound 414 (Request URI Too Long) responses that belong to each application.
### Number of outbound 415 (Unsupported Media Type) responses
`getTotalOutboundResponses(appName, "415");`
*Application*
The number of outbound 415 (Unsupported Media Type) responses that belong to each application.
### Number of outbound 416 (Unsupported URI Scheme) responses
`getTotalOutboundResponses(appName, "416");`
*Application*
The number of outbound 416 (Unsupported URI Scheme) responses that belong to each application.
### Number of outbound 420 (Bad Extension) responses
`getTotalOutboundResponses(appName, "420");`
*Application*
The number of outbound 420 (Bad Extension) responses that belong to each application.
### Number of outbound 421 (Extension Required) responses
`getTotalOutboundResponses(appName, "421");`
*Application*
The number of outbound 421 (Extension Required) responses that belong to each application.
### Number of outbound 423 (Interval Too Brief) responses
`getTotalOutboundResponses(appName, "423");`
*Application*
The number of outbound 423 (Interval Too Brief) responses that belong to each application.
### Number of outbound 480 (Temporarily Unavailable) responses
`getTotalOutboundResponses(appName, "480");`
*Application*
The number of outbound 480 (Temporarily Unavailable) responses that belong to each application.
### Number of outbound 481 (Call Leg Done) responses
`getTotalOutboundResponses(appName, "481");`
*Application*
The number of outbound 481 (Call Leg Done) responses that belong to each application.
### Number of outbound 482 (Loop Detected) responses
`getTotalOutboundResponses(appName, "482");`
*Application*
The number of outbound 482 (Loop Detected) responses that belong to each application.
### Number of outbound 483 (Too Many Hops) responses
`getTotalOutboundResponses(appName, "483");`
*Application*
The number of outbound 483 (Too Many Hops) responses that belong to each application.
### Number of outbound 484 (Address Incomplete) responses
`getTotalOutboundResponses(appName, "484");`
*Application*
The number of outbound 484 (Address Incomplete) responses that belong to each application.
### Number of outbound 485 (Ambiguous) responses
`getTotalOutboundResponses(appName, "485");`
*Application*
The number of outbound 485 (Ambiguous) responses that belong to each application.
### Number of outbound 486 (Busy Here) responses
`getTotalOutboundResponses(appName, "486");`
*Application*
The number of outbound 486 (Busy Here) responses that belong to each application.
### Number of outbound 487 (Request Terminated) responses
`getTotalOutboundResponses(appName, "487");`
*Application*
The number of outbound 487 (Request Terminated) responses that belong to each application.
### Number of outbound 488 (Not Acceptable Here) responses
`getTotalOutboundResponses(appName, "488");`
*Application*
The number of outbound 488 (Not Acceptable Here) responses that belong to each application.
### Number of outbound 491 (Request Pending) responses
`getTotalOutboundResponses(appName, "491");`
*Application*
The number of outbound 491 (Request Pending) responses that belong to each application.
### Number of outbound 493 (Undecipherable) responses
`getTotalOutboundResponses(appName, "493");`
*Application*
The number of outbound 493 (Undecipherable) responses that belong to each application.
### Number of outbound 500 (Server Internal Error) responses
`getTotalOutboundResponses(appName, "500");`
*Application*
The number of outbound 500 (Server Internal Error) responses that belong to each application.
### Number of outbound 501 (Not Implemented) responses
`getTotalOutboundResponses(appName, "501");`
*Application*
The number of outbound 501 (Not Implemented) responses that belong to each application.
### Number of outbound 502 (Bad Gateway) responses
`getTotalOutboundResponses(appName, "502");`
*Application*
The number of outbound 502 (Bad Gateway) responses that belong to each application.
### Number of outbound 503 (Service Unavailable) responses
`getTotalOutboundResponses(appName, "503");`
*Application*
The number of outbound 503 (Service Unavailable) responses that belong to each application.
### Number of outbound 504 (Server Timeout) responses
`getTotalOutboundResponses(appName, "504");`
*Application*
The number of outbound 504 (Server Timeout) responses that belong to each application.
### Number of outbound 505 (Version Not Supported) responses
`getTotalOutboundResponses(appName, "505");`
*Application*
The number of outbound 505 (Version Not Supported) responses that belong to each application.
### Number of outbound 513 (Message Too Large) responses
`getTotalOutboundResponses(appName, "513");`
*Application*
The number of outbound 513 (Message Too Large) responses that belong to each application.
### Number of outbound 600 responses
`getTotalOutboundResponses(appName, "600");`
*Application*
```
--------------------------------
### Display help for a specific server action
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-help.adoc
To get detailed help for a specific action, such as `create`, append the action name to the `server help` command. This is useful for understanding the parameters and usage of individual server actions.
```sh
server help create
```
--------------------------------
### User Lookup Action Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-log-events-list.adoc
Example of an audit log entry for a SECURITY_MEMBER_MGMT user lookup action.
```APIDOC
## User Lookup Action Example
### Description
This example demonstrates an audit log entry for a `SECURITY_MEMBER_MGMT` user lookup action, showing the detailed fields captured.
### Request Example
```json
{
"type":"liberty_audit",
"host":"sage.xyz.com",
"ibm_userDir":"\/opt\/ol\/wlp\/usr\/",
"ibm_serverName":"scim.custom.repository.audit",
"ibm_datetime":"2018-07-24T14:59:82.433-0400",
"ibm_sequence":"1536329056532_0000000000048",
"ibm_threadId":"000000a5",
"ibm_audit_eventName":"SECURITY_MEMBER_MGMT",
"ibm_audit_eventSequenceNumber":"14",
"ibm_audit_eventTime":"2018-07-24T14:58:45.343-0400",
"ibm_audit_initiator.host.address":"127.0.0.1",
"ibm_audit_initiator.host.agent":"Java\/1.8.0",
"ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:scim.custom.repository.audit",
"ibm_audit_observer.name":"SecurityService",
"ibm_audit_observer.typeURI":"service\/server",
"ibm_audit_outcome":"success",
"ibm_audit_reason.reasonCode":"200",
"ibm_audit_reason.reasonType":"HTTPS",
"ibm_audit_target.action":"get",
"ibm_audit_target.appname":"RESTProxyServlet",
"ibm_audit_target.credential.token":"adminUser",
"ibm_audit_target.credential.type":"BASIC",
"ibm_audit_target.entityType":"PersonAccount",
"ibm_audit_target.host.address":"127.0.0.1:63571",
"ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:scim.custom.repository.audit",
"ibm_audit_target.method":"POST",
"ibm_audit_target.name":"\/ibm\/api\/scim\/Users",
"ibm_audit_target.realm":"sampleCustomRepositoryRealm",
"ibm_audit_target.repositoryId":"sampleCustomRepository",
"ibm_audit_target.session":"myQz9fZu2ZUW0nEUWvEaiQC",
"ibm_audit_target.typeURI":"service\/vmmservice\/get",
"ibm_audit_target.uniqueName":"cn=usertemp,o=ibm,c=us"
}
```
```
--------------------------------
### Display help for springBootUtility
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/springbootUtility-help.adoc
Use this command to display general help information for the springBootUtility command.
```bash
springBootUtility help
```
--------------------------------
### SECURITY_SAF_AUTHZ Event Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc
Example JSON payload for a successful SECURITY_SAF_AUTHZ event, detailing SAF authorization.
```json
{
"eventName": "SECURITY_SAF_AUTHZ",
"eventSequenceNumber": "4",
"eventTime": "2019-04-29T19:45:16.161+0000",
"observer": {
"id": "websphere: sage.xyz.com:/opt/ol/wlp/usr/:TestServer.audit",
"name": "SecurityService",
"typeURI": "service/server"
},
"outcome": "success",
"target": {
"access": {
"level": "READ"
},
"applid": "BBGZDFLT",
"authorization": {
"decision": "true"
},
"credential": {
"token": "WSGUEST"
},
"id": "websphere: sage.xyz.com:/opt/ol/wlp/usr/:TestServer.audit",
"racf": {
"reason": {
"code": "0"
},
"return": {
"code": "0"
}
},
"saf": {
"class": "EJBROLE",
"profile": "BBGZDFLT.AUTHSERV",
"return": {
"code": "0"
}
},
"typeURI": "service/application/web",
"user": {
"security": {
"name": "WSGUEST"
}
}
}
}
```
--------------------------------
### springBootUtility help command syntax
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/springbootUtility-help.adoc
The syntax for displaying help information for a specific action. Replace _actionName_ with the desired action.
```bash
springBootUtility help _actionName_
```
--------------------------------
### SECURITY_JMS_AUTHZ Event Example
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/audit-log-events-list-cadf.adoc
Example JSON payload for a successful SECURITY_JMS_AUTHZ event, detailing JMS messaging authorization.
```json
{
"eventName":"SECURITY_JMS_AUTHZ",
"eventSequenceNumber":"11",
"eventTime":"2018-07-19 14:33:51.247 EDT",
"observer": {
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"name":"JMSMessagingImplementation",
"typeURI":"service/server"
},
"outcome":"success",
"reason": {
"reasonCode":"200",
"reasonType":"JMS"
},
"target": {
"credential": {
"token":"validUser",
"type":"BASIC"
},
"host": {
"address":"127.0.0.1:53166"
},
"id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit",
"messaging": {
"busname":"defaultBus",
"callType":"remote",
"destination":"BANK",
"engine":"defaultME",
"jmsActions":"[BROWSE, SEND, RECEIVE]",
"jmsResource":"queue",
"operationType":"SEND",
"remote": {
"chainName":"InboundBasicMessaging"
}
},
"realm":"customRealm",
"typeURI":"service/jms/messagingResource"
}
}
```
--------------------------------
### Syntax for Server Keystore Creation
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-createSSLCertificate.adoc
This syntax is used to create a keystore and certificate for an Open Liberty server. Ensure you are in the `_path_to_liberty_/wlp/bin` directory.
```sh
securityUtility createSSLCertificate --server=_serverName_ --password=_pwd_ [_options_]
```
--------------------------------
### Syntax for Client Keystore Creation
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/securityUtility-createSSLCertificate.adoc
This syntax is used to create a keystore and certificate for an Open Liberty client. Ensure you are in the `_path_to_liberty_/wlp/bin` directory.
```sh
securityUtility createSSLCertificate --client=_clientName_ --password=_pwd_ [_options_]
```
--------------------------------
### Configure basic user registry with QuickStart security
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/feature/appSecurity/examples.adoc
Use quickStartSecurity for test purposes to automatically configure a registry that grants the administrator role to a user. This is not intended for production environments.
```xml
```
--------------------------------
### Install Logstash Collector Feature
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/forwarding-logs-logstash.adoc
Install the Logstash Collector feature using the featureUtility command if it is not already present on your server.
```shell
d:\wlp\bin\featureUtility installFeature logstashCollector-1.0
```
--------------------------------
### View featureUtility settings
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-viewSettings.adoc
Run this command from the `_path_to_liberty_/wlp/bin` directory to view the configured repository and proxy settings.
```shell
featureUtility viewSettings [_option_]
```
--------------------------------
### Start server in debug mode
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/server-debug.adoc
Starts the specified Open Liberty server in debug mode. The default debug port is 7777.
```shell
server debug myserver
```
--------------------------------
### Display help for a featureUtility action
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-help.adoc
This is the general syntax for displaying help for any `featureUtility` action. Replace `_actionName_` with the specific action you need information about. Run this command from the `_path_to_liberty_/wlp/bin` directory.
```shell
featureUtility help _actionName_
```
--------------------------------
### Example JWKS document structure
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/json-web-token.adoc
A JWKS document contains a set of keys. This example shows a single RSA key used for signature.
```json
{
"keys": [
{
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "lYQxCgL6-n7usn_xm5jtY_DsN4V2D0r0lqqhcE6qaVE",
"alg": "RS256",
"n": "6OJVoJz......xwPVE"
}
]
}
```
--------------------------------
### Run InstantOn application with Podman
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/instanton.adoc
Launches an InstantOn application container using Podman with necessary capabilities and port mapping. This command is used for initial setup and optimization.
```sh
podman run \
--rm \
--cap-add=CHECKPOINT_RESTORE \
--cap-add=NET_ADMIN \
--cap-add=SYS_PTRACE \
--security-opt seccomp=criuRequiredSysCalls.json \
-p 9080:9080 \
liberty-app-instanton
```
--------------------------------
### Start Infinispan Server on OpenShift
Source: https://github.com/openliberty/docs/blob/vNext/modules/ROOT/pages/configuring-infinispan-support.adoc
This command deploys an Infinispan server instance on OpenShift, mapping the specified user and password to environment variables that can be used for authentication.
```bash
oc new-app --docker-image=infinispan/server --name=infinispan-server -e USER="sampleUser" -e PASS="samplePassword"
```
--------------------------------
### featureUtility installServerFeatures
Source: https://github.com/openliberty/docs/blob/vNext/modules/reference/pages/command/featureUtility-installServerFeatures.adoc
The `featureUtility installServerFeatures` command installs the required features that are listed in the `server.xml` file of a server. It can install both versioned and versionless features.
```APIDOC
## featureUtility installServerFeatures
### Description
Installs the required features for a specified Open Liberty server based on its `server.xml` configuration.
### Method
N/A (This is a command-line utility)
### Endpoint
N/A (This is a command-line utility)
### Parameters
#### Path Parameters
- **_serverName_** (string) - Required - The name of the server to run the command against.
#### Query Parameters
N/A
#### Request Body
N/A
### Options
.Options for the featureUtility installServerFeatures command
[%header,cols=2*]
|===
|Option
|Description
|--acceptLicense
|Accepts the license agreement for the feature if the feature has a different license from the Liberty server into which it's installed.
|--featuresBom
|Specifies the Maven coordinates for a features BOM file. Use this option to install custom user features from a Maven repository. Ensure that the repository also contains the associated features JSON file in the same group ID as the BOM.
|--noCache
|Specifies that features that are installed from a remote repository, such as Maven Central, aren't cached locally.
|--verbose
|Displays additional debug information while the action runs.
|--verify=_verify_
a|Specifies how features must be verified during a process or an installation. Supported values are `enforce`, `skip`, `all`, and `warn`. If this option is not specified, the default value is `enforce`.
* `enforce`: Verifies the signatures of all Liberty features except for user features. It checks the integrity and authenticity of the features that are provided by the Liberty framework.
* `skip`: Choosing this option skips the verification process altogether. No feature signatures are downloaded or checked. It expedites the installation process but must be used with caution, as it bypasses an important security step.
* `all`: Verifies both the Liberty features and the user features. The features that are provided by the Liberty framework and any additional user features or components are checked for integrity.
* `warn`: Similar to the `all` option, warn also verifies both the Liberty features and user features. This option allows the process to continue, even if some feature signatures cannot be validated. A verification failure does not immediately end the installation process, but it results in a warning message.
|--to
|Specify the extension location to install user features. If this option is not specified, the feature is installed to default `{wlp.install.dir}/usr/extension` directory.
|===
### Request Example
```bash
featureUtility installServerFeatures myserver
```
```bash
featureUtility installServerFeatures myserver --featuresBom=my.user.features:myBOM:
```
### Response
N/A (This is a command-line utility, output is via standard output/error)
### Exit Codes
.Exit codes for the featureUtility installServerFeatures command
[%header,cols="2,9"]
|===
|Code
|Explanation
|0
|OK. 0 indicates successful completion of the requested operation.
|20
|20 indicates that one or more arguments are not valid.
|21
|21 indicates that a runtime exception occurred because of one or more of the following conditions:
- A runtime exception occurred during the installation of the `.esa` subsystem archive file.
- A license is not accepted or acknowledged.
- The `.esa` subsystem archive file did not extract correctly.
|22
|22 indicates that feature to be installed already exists.
|23
|23 indicates that the feature definition was not valid for one or more of the following reasons:
- The feature does not have a valid manifest file.
- The version of the feature is not supported in this Open Liberty environment.
- The `.zip` or `.jar` file that contains the feature files does not exist.
|24
|24 indicates that the `.esa` subsystem archive file is missing content.
|25
|25 indicates that an I/O exception occurred during the installation of the `.esa` subsystem archive file.
|===
```