### server Command Examples Source: https://openliberty.io/docs/24.0.0.6/reference/javadoc/spi/javaMail-1.6.com.ibm.ws.adaptable.module Illustrates common server management commands for Open Liberty. These commands cover server creation, starting, stopping, listing, debugging, and viewing version information. ```shell server create server start server stop server list server debug server version ``` -------------------------------- ### featureUtility Command Examples Source: https://openliberty.io/docs/24.0.0.6/reference/javadoc/spi/javaMail-1.6.com.ibm.ws.adaptable.module Demonstrates the usage of the featureUtility command for managing Open Liberty features. It includes examples for finding features, accessing help, and installing features and server features. ```shell featureUtility find featureUtility help featureUtility installFeature featureUtility installServerFeatures ``` -------------------------------- ### Open Liberty server start command syntax Source: https://openliberty.io/docs/23.0.0.12/reference/command/server-start Illustrates the general syntax for the `server start` command, including the server name and optional parameters. The command should be run from the `_path_to_liberty_/wlp/bin` directory. ```shell server start _serverName_ [_options_] ``` -------------------------------- ### Quick Start Security Configuration Source: https://openliberty.io/docs/23.0.0.12/reference/feature/restConnector-2 Configures a minimal setup for testing and development by automatically setting up a single user with administrator privileges using quickStartSecurity. ```xml restConnector-2.0 ``` -------------------------------- ### Enable QuickStart Security in server.xml Source: https://openliberty.io/docs/25.0.0.8/user-registries-application-security This configuration enables QuickStart security in Open Liberty by including the `quickStartSecurity` element in `server.xml`. It automatically sets up a single administrator user for testing purposes, simplifying initial security setup. ```xml applicationSecurity-3.0 ``` -------------------------------- ### Start After Dependencies Source: https://openliberty.io/docs/25.0.0.5/reference/config/webApplication Specifies applications that must start before this application can begin its startup process. This ensures proper dependency ordering. ```APIDOC ## WEBAPPLICATION > STARTAFTER ### Description Specifies applications that are required to start before this application can begin starting. ### Method N/A (Configuration Schema) ### Endpoint N/A (Configuration Schema) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body - **application** (string) - Required - The name of the application that must start before this one. ### Request Example ```json { "application": "myDependencyApp" } ``` ### Response #### Success Response (200) N/A (Configuration Schema) #### Response Example N/A (Configuration Schema) ``` -------------------------------- ### Dockerfile for InstantOn image build with checkpoint.sh Source: https://openliberty.io/docs/25.0.0.4/instanton This Dockerfile example demonstrates how to build an InstantOn container image by including the checkpoint.sh script. It specifies the base image, copies configuration and application files, runs setup scripts, and crucially includes 'RUN checkpoint.sh afterAppStart' to create the application checkpoint as the last layer. This method requires Podman due to specific Linux capability requirements. ```Dockerfile FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi # Add a Liberty server configuration that includes all necessary features COPY --chown=1001:0 server.xml /config/ # This script adds the requested XML snippets to enable Liberty features and grow the image to be fit-for-purpose. # This option is available only in the 'kernel-slim' image type. The 'full' and 'beta' tags already include all features. RUN features.sh # Add interim fixes (optional) COPY --chown=1001:0 interim-fixes /opt/ol/fixes/ # Add an application COPY --chown=1001:0 Sample1.war /config/dropins/ # This script adds the requested server configuration, applies any interim fixes, and populates caches to optimize the runtime. RUN configure.sh # This script performs an InstantOn checkpoint of the application. # The application can use beforeAppStart or afterAppStart to do the checkpoint. # The default is beforeAppStart when not specified RUN checkpoint.sh afterAppStart ``` -------------------------------- ### webApplication > startAfter Source: https://openliberty.io/docs/latest/reference/config/webApplication Specifies applications that must start before this application can begin starting. ```APIDOC ## webApplication > startAfter ### Description Specifies applications that are required to start before this application can begin starting. ### Method Not Applicable (Configuration Element) ### Endpoint Not Applicable (Configuration Element) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body - **autoStart** (boolean) - Optional - Indicates whether or not the server automatically starts the application. Defaults to `true`. - **classloaderRef** (string) - Optional - Defines the settings for an application classloader by referencing a top-level classloader element. - **context-root** (string) - Optional - The context root of the application. - **id** (string) - Optional - A unique configuration ID. - **location** (string) - Required - The location of the application, expressed as an absolute path or a path relative to the server-level apps directory. - **name** (string) - Optional - The name of the application. - **startAfterRef** (string) - Optional - A comma-separated string of references to top-level application elements that must start before this application. - **type** (string) - Optional - The type of the application archive. - **useJandex** (boolean) - Optional - Enables the use of Jandex index files if they are supplied with the application. ### Request Example ```json { "autoStart": true, "classloaderRef": "myLoader", "context-root": "/myapp", "id": "app1", "location": "/path/to/app.war", "name": "myApplication", "startAfterRef": "app0,appRef2", "type": "war", "useJandex": false } ``` ### Response #### Success Response (200) This element does not return a response, it configures the server. #### Response Example None ``` -------------------------------- ### Start After Dependency Source: https://openliberty.io/docs/25.0.0.6/reference/config/webApplication Specifies applications that must start before this application can begin starting. ```APIDOC ## POST /api/webApplication/startAfter ### Description Specifies applications that are required to start before this application. ### Method POST ### Endpoint /api/webApplication/startAfter ### Parameters #### Request Body - **name** (string) - Required - The name of the application that must start first. ### Request Example ```json { "name": "com.example.RequiredApp" } ``` ### Response #### Success Response (200) - **message** (string) - Confirmation message of successful configuration. #### Response Example ```json { "message": "Start after dependency configured successfully." } ``` ``` -------------------------------- ### Start and Stop Open Liberty Server Source: https://openliberty.io/docs/24.0.0.6/deploy-spring-boot Commands to start and stop the Open Liberty server instance named 'helloserver'. The 'server run' command starts the server in the foreground. ```shell server run helloserver ``` ```shell server stop helloserver ``` -------------------------------- ### webApplication > startAfter Source: https://openliberty.io/docs/25.0.0.7/reference/config/webApplication Specifies applications that are required to start before this application can begin starting. ```APIDOC ## POST /websites/openliberty_io/webApplication/startAfter ### Description Configures the applications that must start before this application. ### Method POST ### Endpoint /websites/openlibley_io/webApplication/startAfter ### Parameters #### Request Body - **appName** (string) - Required - The name of the application that must start first. ### Request Example { "appName": "dependentApp" } ### Response #### Success Response (200) - **message** (string) - Success message indicating the startAfter dependency was configured. #### Response Example { "message": "StartAfter dependency configured successfully." } ``` -------------------------------- ### Open Liberty server start Source: https://openliberty.io/docs/24.0.0.9/reference/javadoc/spi/servlet-4.0.com.ibm.wsspi.artifact.factory Command to start an Open Liberty server instance. This command launches the server process, making it ready to accept requests. ```shell server start myServerName ``` -------------------------------- ### Start Open Liberty server in background Source: https://openliberty.io/docs/25.0.0.6/reference/command/server-start Starts the specified Open Liberty server as a background process. Output is redirected to a console log file. Supports starting with custom variables and a clean cache. ```shell server start myserver ``` ```shell server start myserver -- --variable_name=variable_value ``` ```shell server start myserver --clean ``` ```shell server start _serverName_ [_options_] ``` -------------------------------- ### Resource Adapter Installation Source: https://openliberty.io/docs/25.0.0.7/reference/config/resourceAdapter Defines the installation of a resource adapter, specifying its location and start behavior. ```APIDOC ## POST /websites/openliberty_io/resourceAdapter ### Description Configures a resource adapter installation, including its start behavior and location. ### Method POST ### Endpoint /websites/openlibley_io/resourceAdapter ### Parameters #### Request Body - **autoStart** (boolean) - Optional - Configures whether a resource adapter starts automatically upon deployment or lazily. - **classloaderRef** (string) - Optional - A reference to a top-level classloader element. - **id** (string) - Required - A unique configuration ID for the resource adapter. - **location** (string) - Required - Defines the path of the RAR file to install (can be a file, directory, or URL). - **useJandex** (boolean) - Optional - Enables the use of Jandex index files if supplied. ### Request Example ```json { "id": "myResourceAdapter", "location": "/path/to/my.rar", "autoStart": true, "useJandex": false } ``` ### Response #### Success Response (200) - **message** (string) - Confirmation message of successful configuration. #### Response Example ```json { "message": "Resource adapter 'myResourceAdapter' configured successfully." } ``` ``` -------------------------------- ### Dockerfile for InstantOn Image with Podman Source: https://openliberty.io/docs/23.0.0.9/instanton This Dockerfile example demonstrates how to build an InstantOn application container image using Open Liberty's kernel-slim image, including copying server configurations, features, interim fixes, and the application itself. It concludes with running `configure.sh` and `checkpoint.sh` for application checkpointing. ```Dockerfile FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi # Add a Liberty server configuration that includes all necessary features COPY --chown=1001:0 server.xml /config/ # This script adds the requested XML snippets to enable Liberty features and grow the image to be fit-for-purpose. # This option is available only in the 'kernel-slim' image type. The 'full' and 'beta' tags already include all features. RUN features.sh # Add interim fixes (optional) COPY --chown=1001:0 interim-fixes /opt/ol/fixes/ # Add an application COPY --chown=1001:0 Sample1.war /config/dropins/ # This script adds the requested server configuration, applies any interim fixes, and populates caches to optimize the runtime. RUN configure.sh # This script performs an InstantOn checkpoint of the application. # The application can use beforeAppStart or afterAppStart to do the checkpoint. # The default is beforeAppStart when not specified RUN checkpoint.sh afterAppStart ``` -------------------------------- ### Enterprise Application Start After Configuration Source: https://openliberty.io/docs/24.0.0.6/reference/config/enterpriseApplication Specifies dependencies and configuration elements that an enterprise application should start after. This includes resource adapters, web application bindings, and their sub-configurations. ```APIDOC ## Enterprise Application Start After Configuration ### Description Specifies dependencies and configuration elements that an enterprise application should start after. This includes resource adapters, web application bindings, and their sub-configurations. ### Method GET (for retrieving configuration) / PUT (for updating configuration) ### Endpoint /path/to/enterpriseApplication/startAfter ### Parameters #### Path Parameters - None #### Query Parameters - None #### Request Body - **resourceAdapter** (object) - Optional - Configuration for resource adapters. - **contextService** (object) - Configuration for the context service within a resource adapter. - **classloaderContext** (object) - Configuration for classloader context. - **id** (string) - A unique configuration ID. - **jeeMetadataContext** (object) - Configuration for JEE metadata context. - **id** (string) - A unique configuration ID. - **securityContext** (object) - Configuration for security context. - **id** (string) - A unique configuration ID. - **customize** (object) - Customization properties for activation specifications, administered objects, or connection factories. - **implementation** (string) - Fully qualified implementation class name. - **interface** (string) - Fully qualified interface class name. - **suffix** (string) - Overrides the default suffix for configuration properties. - **web-bnd** (object) - Specifies binding properties for a web application. - **moduleName** (string) - The module name to which the binding applies. - **data-source** (object) - Specifies the binding for a data source. - **binding-name** (string) - The data source binding name. - **id** (string) - A unique configuration ID. - **name** (string) - The data source name. - **ejb-ref** (object) - Specifies the binding for an EJB Reference. - **binding-name** (string) - The binding name for the EJB reference. - **id** (string) - A unique configuration ID. - **name** (string) - The name for the EJB reference. - **env-entry** (object) - Specifies the binding for an environment entry. - **binding-name** (string) - The binding name for the environment entry. - **id** (string) - A unique configuration ID. - **name** (string) - The name of the environment entry. - **value** (string) - The value of the environment entry. - **message-destination-ref** (object) - Specifies the binding for a message destination reference. - **binding-name** (string) - The binding name for the message destination reference. - **id** (string) - A unique configuration ID. - **name** (string) - The name for the message destination reference. ### Request Example ```json { "resourceAdapter": { "contextService": { "securityContext": { "id": "mySecurityContext" } }, "customize": { "implementation": "com.example.MyAdapterImpl", "interface": "com.example.MyAdapter" } }, "web-bnd": { "moduleName": "myWebApp", "data-source": { "binding-name": "jdbc/myDB", "name": "myDataSource" } } } ``` ### Response #### Success Response (200) - Returns the configured start-after dependencies and bindings. #### Response Example ```json { "resourceAdapter": { "contextService": { "securityContext": { "id": "mySecurityContext" } }, "customize": { "implementation": "com.example.MyAdapterImpl", "interface": "com.example.MyAdapter" } }, "web-bnd": { "moduleName": "myWebApp", "data-source": { "binding-name": "jdbc/myDB", "name": "myDataSource" } } } ``` ``` -------------------------------- ### Open Liberty SECURITY_AUDIT_MGMT Event Example (CADF) Source: https://openliberty.io/docs/23.0.0.12/audit-log-events-list-cadf This example demonstrates the structure of the SECURITY_AUDIT_MGMT event in CADF format, capturing the start of the audit service and an audit file handler. ```json { "eventName":"SECURITY_AUDIT_MGMT", "eventSequenceNumber":"0", "eventTime":"2018-07-10 12:15:34.339", "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"AuditService", "typeURI":"service/server" }, "outcome":"success", "target": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "typeURI":"service/audit/start" } } { "eventName":"SECURITY_AUDIT_MGMT", "eventSequenceNumber":"1", "eventTime":"2018-07-10 12:15:34.471", "observer": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "name":"AuditHandler:AuditFileHandler", "typeURI":"service/server" }, "outcome":"success", "target": { "id":"websphere: sage.xyz.com:/opt/ol/wlp/usr/:scim.custom.repository.audit", "typeURI":"service/audit/start" } } ``` -------------------------------- ### server: Start Server Source: https://openliberty.io/docs/23.0.0.12/reference/javadoc/spi/mpJwt-2.1.com.ibm.wsspi.anno Starts a Liberty server instance. This command can be used in the foreground or background. ```shell server start ``` -------------------------------- ### Application Code Examples for InstantOn Checkpoints Source: https://openliberty.io/docs/25.0.0.5/instanton Illustrates application code patterns in Jakarta EE and MicroProfile that might influence the choice between `beforeAppStart` and `afterAppStart` checkpoint options. Examples include servlets with `loadOnStartup`, EJBs with `@Startup`, and CDI beans with `@Observes @Initialized`. ```java Servlet with loadOnStartup attribute ``` ```java EJB with @Startup annotation ``` ```java CDI bean with @Observes @Initialized(ApplicationScoped.class) annotations ``` -------------------------------- ### Open Liberty SECURITY_AUDIT_MGMT Event Examples Source: https://openliberty.io/docs/23.0.0.12/json-log-events-list These examples demonstrate the structure and content of the SECURITY_AUDIT_MGMT event, capturing the start of the Audit Service and AuditFileHandler events. Each JSON object represents a distinct audit log entry. ```json { "type":"liberty_audit", "host":"sage.xyz.com", "ibm_userDir":"\/opt\/ol\/wlp\/usr\/", "ibm_serverName":"TestServer.audit", "ibm_datetime":"2018-07-10T16:15:35.110-0400", "ibm_sequence":"1536171863908_0000000000001", "ibm_threadId":"00000013", "ibm_audit_eventName":"SECURITY_AUDIT_MGMT", "ibm_audit_eventSequenceNumber":"0", "ibm_audit_eventTime":"2018-07-10T16:15:34.339-0400", "ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_observer.name":"AuditService", "ibm_audit_observer.typeURI":"service\/server", "ibm_audit_outcome":"success", "ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_target.typeURI":"service\/audit\/start" } { "type":"liberty_audit", "host":"sage.xyz.com", "ibm_userDir":"\/opt\/ol\/wlp\/usr\/", "ibm_serverName":"TestServer.audit", "ibm_datetime":"2018-07-10T16:15:35.740-0400", "ibm_sequence":"1536171863908_0000000000002", "ibm_threadId":"00000013", "ibm_audit_eventName":"SECURITY_AUDIT_MGMT", "ibm_audit_eventSequenceNumber":"1", "ibm_audit_eventTime":"2018-07-10T16:15:34.471-0400", "ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_observer.name":"AuditHandler:AuditFileHandler", "ibm_audit_observer.typeURI":"service\/server", "ibm_audit_outcome":"success", "ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_target.typeURI":"service\/audit\/start" } ``` -------------------------------- ### Servlet Startup Annotation Source: https://openliberty.io/docs/25.0.0.6/instanton Example of a Jakarta EE servlet using the 'loadOnStartup' attribute, which can influence the choice of InstantOn checkpoint. ```java import javax.servlet.annotation.WebServlet; import javax.servlet.annotation.WebInitParam; import javax.servlet.http.HttpServlet; @WebServlet(name = "MyServlet", urlPatterns = {"/myservlet"}, loadOnStartup = 1) public class MyServlet extends HttpServlet { // Servlet implementation } ``` -------------------------------- ### Jakarta EE and MicroProfile Startup Code Examples Source: https://openliberty.io/docs/23.0.0.9/instanton Illustrates common patterns in Jakarta EE and MicroProfile applications where code executes during application startup, potentially influencing the choice of InstantOn checkpoint timing. ```java Servlet using the `loadOnStartup` attribute EJB using the `@Startup` annotation CDI bean using `@Observes @Initialized(ApplicationScoped.class)` annotations ``` -------------------------------- ### Displaying Installed Open Liberty Features Source: https://openliberty.io/docs/23.0.0.12/security-vulnerabilities This code snippet shows an example log message from Open Liberty that lists the features installed and running on the server. This information is useful for determining which CVEs might affect your Liberty configuration. ```log CWWKF0012I: The server installed the following features: [appSecurity-2.0, distributedMap-1.0, jndi-1.0, samlWeb-2.0, servlet-3.0, ssl-1.0]. ``` -------------------------------- ### Install Open Liberty Operator using kustomize Source: https://openliberty.io/docs/23.0.0.12/open-liberty-operator Instructions for installing the Open Liberty Operator on Kubernetes platforms other than OpenShift using kustomize. ```bash kustomize build | kubectl apply -f - ``` -------------------------------- ### Accessing Health Check Results Source: https://openliberty.io/docs/latest/health-check-microservices Examples of how to access the health check results for live, ready, and started endpoints in a web browser. ```APIDOC ## Accessing Health Check Results You can view health check results by navigating to the respective endpoint URLs in a web browser. The base URL follows the pattern `http://:/health/`. ### Example URLs Assuming a microservice running on `localhost` with port `9443`: - **Liveness Check**: `http://localhost:9443/health/live` - **Readiness Check**: `http://localhost:9443/health/ready` - **Startup Check** (MicroProfile 3.1+): `http://localhost:9443/health/started` ``` -------------------------------- ### Building InstantOn Image with checkpoint.sh Source: https://openliberty.io/docs/25.0.0.6/instanton Adds a RUN instruction to a Dockerfile or Containerfile to execute the checkpoint.sh script during the container image build process, typically requiring Podman. ```dockerfile FROM open-liberty:latest # ... other configurations ... RUN /opt/ol/instanton/bin/checkpoint.sh # ... application deployment ... CMD ["server", "run"] ``` -------------------------------- ### OpenLiberty Testcontainers Setup (Java) Source: https://openliberty.io/docs/24.0.0.9/integration-testing Demonstrates the setup of a JUnit 5 test class for Open Liberty using Testcontainers. It shows how to define the Docker image, configure the container to expose ports and copy files, and wait for the application to start. Includes a log consumer for capturing container output. ```java import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; import org.testcontainers.containers.GenericContainer; import org.testcontainers.containers.output.Slf4jLogConsumer; import org.testcontainers.junit.jupiter.Container; import org.testcontainers.junit.jupiter.Testcontainers; import static io.restassured.RestAssured.given; import static org.hamcrest.Matchers.equalTo; @Testcontainers public class ServiceTest { static final String libertyImage = "openliberty/open-liberty:latest"; @Container public static GenericContainer libertyContainer = new GenericContainer<>(libertyImage) .withExposedPorts(9080, 9443) .withFileSystemBind("../target/sample.war", "/opt/ol/wlp/usr/servers/defaultServer/apps/sample.war") .withFileSystemBind("../src/test/liberty/config", "/opt/ol/wlp/usr/servers/defaultServer/server.xml") .withLogConsumer(new Slf4jLogConsumer(logger).withPrefix("LIBERTY")); @BeforeAll static void setUp() { String host = libertyContainer.getHost(); Integer mappedPort = libertyContainer.getMappedPort(9080); RestAssured.baseURI = String.format("http://%s:%d", host, mappedPort); } @Test void testService() { // ... test logic here ... } } ``` -------------------------------- ### InstantOn RUN Configuration Options Source: https://openliberty.io/docs/24.0.0.3/instanton Specifies the configuration options for taking an InstantOn checkpoint. 'afterAppStart' takes a checkpoint after the application starts, offering faster startup but may not suit all applications. 'beforeAppStart' takes a checkpoint before the application starts, suitable for applications with startup code that is incompatible with 'afterAppStart'. ```configuration RUN --instantOn=afterAppStart RUN --instantOn=beforeAppStart ``` -------------------------------- ### featureUtility installServerFeatures Source: https://openliberty.io/docs/25.0.0.8/reference/command/featureUtility-installServerFeatures The `featureUtility installServerFeatures` command installs the required features listed in the `server.xml` file of a specified server. It can install both versioned and versionless features. ```APIDOC ## featureUtility installServerFeatures ### Description Installs required features listed in the `server.xml` file for a specified Open Liberty server. This command supports installing both versioned and versionless features. ### Method CLI Command ### Endpoint Not Applicable (CLI Command) ### Parameters #### Path Parameters - **serverName** (string) - Required - The name of the server to run the command against. #### Query Parameters - **--acceptLicense** (boolean) - Optional - Accepts the license agreement for the feature if it differs from the Liberty server's license. - **--featuresBom** (string) - Optional - Specifies the Maven coordinates for a features BOM file to install custom user features from a Maven repository. - **--noCache** (boolean) - Optional - Prevents local caching of features installed from remote repositories like Maven Central. - **--verbose** (boolean) - Optional - Displays additional debug information during execution. - **--verify** (string) - Optional - Specifies how features must be verified. Supported values are `enforce` (default), `skip`, `all`, and `warn`. * `enforce`: Verifies signatures of all Liberty features except user features. * `skip`: Skips the verification process entirely. * `all`: Verifies signatures of both Liberty features and user features. * `warn`: Verifies both Liberty and user features, but allows the process to continue with a warning on verification failure. - **--to** (string) - Optional - Specifies the extension location to install user features. Defaults to `{wlp.install.dir}/usr/extension`. ### Request Example ``` featureUtility installServerFeatures myserver featureUtility installServerFeatures myserver --featuresBom=my.user.features:myBOM:21.0.0.11 ``` ### Response #### Success Response (0) - **Output** (string) - Confirmation message indicating successful feature installation. #### Response Example ``` Successfully installed features for server myserver. ``` ### Error Handling - **Non-zero exit code**: Indicates an error during feature installation. Specific error messages will be printed to standard error. ``` -------------------------------- ### Open Liberty Container Image Prerequisites for InstantOn Source: https://openliberty.io/docs/23.0.0.9/instanton Details the runtime and host build system requirements for enabling InstantOn checkpoint and restore functionality in Open Liberty container images. ```text Runtime: - Open Liberty version 23.0.0.6 or later for X86-64/AMD64 UBI images. - IBM Semeru Java version 11.0.19+ or 17.0.7+. Host Build System: - Linux Operating System with kernel version 5.9 or greater. - X86-64/AMD64 processor architecture. - Privileged container builds enabled via Podman or Docker (version 23.0+ required for Docker). ``` -------------------------------- ### Example resource request with JWT in custom header Source: https://openliberty.io/docs/23.0.0.12/reference/feature/openidConnectClient-1 Demonstrates an HTTP GET request where the JWT is passed in a custom `jwt` header field. ```http GET /resource HTTP/1.1 Host: server.example.com jwt: mF_9.B5f-4.1JqM ``` -------------------------------- ### OpenLiberty SECURITY_AUDIT_MGMT Event Examples Source: https://openliberty.io/docs/23.0.0.9/json-log-events-list These examples showcase the structure of the SECURITY_AUDIT_MGMT event, capturing the start of the Audit Service and an AuditFileHandler. Each entry includes details like event type, host, server name, timestamps, thread ID, audit event name and sequence, observer details, outcome, and target information. ```json { "type":"liberty_audit", "host":"sage.xyz.com", "ibm_userDir":"\/opt\/ol\/wlp\/usr\/", "ibm_serverName":"TestServer.audit", "ibm_datetime":"2018-07-10T16:15:35.110-0400", "ibm_sequence":"1536171863908_0000000000001", "ibm_threadId":"00000013", "ibm_audit_eventName":"SECURITY_AUDIT_MGMT", "ibm_audit_eventSequenceNumber":"0", "ibm_audit_eventTime":"2018-07-10T16:15:34.339-0400", "ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_observer.name":"AuditService", "ibm_audit_observer.typeURI":"service\/server", "ibm_audit_outcome":"success", "ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_target.typeURI":"service\/audit\/start" } ``` ```json { "type":"liberty_audit", "host":"sage.xyz.com", "ibm_userDir":"\/opt\/ol\/wlp\/usr\/", "ibm_serverName":"TestServer.audit", "ibm_datetime":"2018-07-10T16:15:35.740-0400", "ibm_sequence":"1536171863908_0000000000002", "ibm_threadId":"00000013", "ibm_audit_eventName":"SECURITY_AUDIT_MGMT", "ibm_audit_eventSequenceNumber":"1", "ibm_audit_eventTime":"2018-07-10T16:15:34.471-0400", "ibm_audit_observer.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_observer.name":"AuditHandler:AuditFileHandler", "ibm_audit_observer.typeURI":"service\/server", "ibm_audit_outcome":"success", "ibm_audit_target.id":"websphere: sage.xyz.com:\/opt\/ol\/wlp\/usr\/:TestServer.audit", "ibm_audit_target.typeURI":"service\/audit\/start" } ``` -------------------------------- ### Server Commands Source: https://openliberty.io/docs/25.0.0.7/reference/javadoc/spi/appClientSupport-2.0.com.ibm.wsspi.adaptable.module Outlines commands for managing Open Liberty server instances, including creation, starting, stopping, and debugging. ```APIDOC ## server commands ### Description Commands for managing Open Liberty server instances. ### create #### Description Creates a new server instance. ### debug #### Description Starts the server in debug mode. ### dump #### Description Generates a server dump. ### help #### Description Displays help information for server commands. ### javadump #### Description Generates a Java dump. ### list #### Description Lists server instances. ### package #### Description Packages the server for deployment. ### pause #### Description Pauses the server. ### resume #### Description Resumes the server. ### run #### Description Runs the server. ### start #### Description Starts the server. ### status #### Description Checks the status of the server. ### stop #### Description Stops the server. ### version #### Description Displays the server version. ``` -------------------------------- ### Web Application Start-Up Configuration Source: https://openliberty.io/docs/25.0.0.3/reference/config/webApplication Configuration for application start-up dependencies and properties. ```APIDOC ## webApplication > startAfter ### Description Specifies applications that are required to start before this application can begin starting. ### Method N/A (Configuration Schema) ### Endpoint N/A (Configuration Schema) ### Parameters #### Path Parameters - None #### Query Parameters - None #### Request Body - **autoStart** (boolean) - Optional, Default: true - Indicates whether or not the server automatically starts the application. - **classloaderRef** (string) - Optional - Defines the settings for an application classloader. - **context-root** (string) - Optional - Context root of an application. - **id** (string) - Optional - A unique configuration ID. - **location** (string) - Required - Location of an application expressed as an absolute path or a path relative to the server-level apps directory. - **name** (string) - Optional - Name of an application. - **startAfterRef** (string) - Optional - Specifies applications that are required to start before this application can begin starting (comma-separated). - **type** (string) - Optional - Type of application archive. - **useJandex** (boolean) - Optional - Enables use of Jandex index files if they are supplied in the application. ### Request Example ```json { "autoStart": false, "location": "/dropins/myApp.war", "name": "myApplication", "startAfterRef": "app1,app2" } ``` ### Response #### Success Response (200) - **autoStart** (boolean) - Indicates whether or not the server automatically starts the application. - **classloaderRef** (string) - Defines the settings for an application classloader. - **context-root** (string) - Context root of an application. - **id** (string) - A unique configuration ID. - **location** (string) - Location of an application. - **name** (string) - Name of an application. - **startAfterRef** (string) - Specifies applications that are required to start before this application can begin starting. - **type** (string) - Type of application archive. - **useJandex** (boolean) - Enables use of Jandex index files. #### Response Example ```json { "autoStart": false, "location": "/dropins/myApp.war", "name": "myApplication", "startAfterRef": "app1,app2" } ``` ## webApplication > startAfter > appProperties > property ### Description Provides custom properties to an application. ### Method N/A (Configuration Schema) ### Endpoint N/A (Configuration Schema) ### Parameters #### Path Parameters - None #### Query Parameters - None #### Request Body - **id** (string) - Optional - A unique configuration ID. - **name** (string) - Required - Provides name of the application scoped property. - **value** (string) - Required - Provides value of the application scoped property. ### Request Example ```json { "id": "prop1", "name": "custom.property.key", "value": "custom.property.value" } ``` ### Response #### Success Response (200) - **id** (string) - A unique configuration ID. - **name** (string) - Name of the application scoped property. - **value** (string) - Value of the application scoped property. #### Response Example ```json { "id": "prop1", "name": "custom.property.key", "value": "custom.property.value" } ``` ``` -------------------------------- ### Display help for springBootUtility Source: https://openliberty.io/docs/23.0.0.12/reference/command/springbootUtility-help Prints general help information for the `springBootUtility` command, detailing its available actions and options. ```bash springBootUtility help ``` -------------------------------- ### Server Commands Source: https://openliberty.io/docs/25.0.0.4/reference/javadoc/spi/servlet-4.0.com.ibm.wsspi.webcontainer.osgi Lists and describes the commands available for managing Open Liberty server instances, including creation, starting, stopping, and debugging. ```APIDOC ## Server Commands ### Description Commands for managing Open Liberty server instances. ### Commands - **create**: Create a new server. - **debug**: Start the server in debug mode. - **dump**: Generate a server dump. - **help**: Display help information for server commands. - **javadump**: Generate a Java dump. - **list**: List server instances. - **package**: Package a server. - **pause**: Pause the server. - **resume**: Resume the server. - **run**: Run the server. - **start**: Start the server. - **status**: Check the server status. - **stop**: Stop the server. - **version**: Display the server version. ``` -------------------------------- ### Open Liberty Keystore Configuration Examples Source: https://openliberty.io/docs/24.0.0.12/reference/config/ssl Demonstrates how to configure keystore properties in Open Liberty, including polling rate, read-only access, keystore type, and update triggers. ```properties ssl.keyStore.pollingRate=1s500ms ssl.keyStore.readOnly=true ssl.keyStore.type=PKCS12 ssl.keyStore.updateTrigger=polled ``` -------------------------------- ### Open Liberty Property Examples for Configuration Source: https://openliberty.io/docs/25.0.0.6/reference/directory-locations-properties Illustrates the usage of Open Liberty directory properties, such as `wlp.install.dir` and `wlp.user.dir`, within configuration files. These properties are essential for defining installation paths and user-specific directories. ```Properties wlp.install.dir=/opt/IBM/WebSphere/Liberty wlp.user.dir=/opt/IBM/WebSphere/Liberty/usr ``` -------------------------------- ### Register WriteListener for Asynchronous Write Source: https://openliberty.io/docs/23.0.0.12/async-io This example demonstrates how to register a `WriteListener` to handle asynchronous writes to the client. It starts an asynchronous context and sets the `WriteListener` on the `ServletOutputStream`. Dependencies include `HttpServletRequest`, `HttpServletResponse`, and `WriteListener`. ```Java @Override protected void service(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { req.startAsync(); res.getOutputStream().setWriteListener(new SampleWriteListener(req, res, 200)); } ``` -------------------------------- ### InstantOn Configuration Options Source: https://openliberty.io/docs/25.0.0.6/instanton Specifies the InstantOn checkpoint timing relative to application startup. 'afterAppStart' offers faster startup but may not suit all applications, while 'beforeAppStart' is safer for application code that runs during startup. ```properties instantOn.run=afterAppStart instantOn.run=beforeAppStart ``` -------------------------------- ### Install Server Features (Open Liberty) Source: https://openliberty.io/docs/25.0.0.4/reference/command/featureUtility-installServerFeatures Installs the required features for a specified Open Liberty server. This command is typically run from the Liberty bin directory. ```bash featureUtility installServerFeatures myserver ``` ```bash featureUtility installServerFeatures myserver --featuresBom=my.user.features:myBOM: ``` ```bash featureUtility installServerFeatures _serverName_ [_options_] ``` -------------------------------- ### Get Full Request URI in WebSocket Session Source: https://openliberty.io/docs/24.0.0.9/reference/diff/jakarta-ee10-diff Retrieves the complete URI string for a WebSocket session, including the protocol and query string. This method is available starting with WebSocket 2.1. ```java import jakarta.websocket.Session; // ... Session session = ...; // Obtain the WebSocket session String requestURI = session.getRequestURI().toString(); ``` -------------------------------- ### Dockerfile for InstantOn image build Source: https://openliberty.io/docs/23.0.0.9/instanton This Dockerfile is used to build the base application container image without the InstantOn layer. It sets up the Open Liberty environment, copies server configurations, interim fixes, and the application WAR file, and runs configuration scripts. It assumes the use of a 'kernel-slim' image type. ```Dockerfile FROM icr.io/appcafe/open-liberty:kernel-slim-java17-openj9-ubi # Add a Liberty server configuration that includes all necessary features COPY --chown=1001:0 server.xml /config/ # This script adds the requested XML snippets to enable Liberty features and grow the image to be fit-for-purpose. # This option is available only in the 'kernel-slim' image type. The 'full' and 'beta' tags already include all features. RUN features.sh # Add interim fixes (optional) COPY --chown=1001:0 interim-fixes /opt/ol/fixes/ # Add an application COPY --chown=1001:0 Sample1.war /config/dropins/ # This script adds the requested server configuration, applies any interim fixes, and populates caches to optimize the runtime. RUN configure.sh ``` -------------------------------- ### securityUtility Command Examples Source: https://openliberty.io/docs/24.0.0.6/reference/javadoc/spi/javaMail-1.6.com.ibm.ws.adaptable.module Provides examples for the securityUtility command, used for security-related tasks in Open Liberty. This includes creating LTPA keys, generating SSL certificates, and encoding passwords. ```shell securityUtility createLTPAKeys securityUtility createSSLCertificate --server.ssl.alias= --password= --validity= securityUtility encode ``` -------------------------------- ### Configure JWT with GitHub Login (server.xml) Source: https://openliberty.io/docs/25.0.0.6/reference/config/githubLogin Example configuration for enabling JWT authentication alongside GitHub Login in Open Liberty's server.xml. This setup allows for secure token generation and validation. ```xml jwt-1.0 socialLogin-1.0 openidConnectClient-1.0 ```