This feature enables support for securing the server runtime environment and applications using Jakarta Security 3.0.

Enabling this feature

To enable the Application Security 5.0 (Jakarta Security 3.0) feature, add the following element declaration into your server.xml file, inside the featureManager element:

<feature>appSecurity-5.0</feature>

Feature configuration elements

Standard API packages provided by this feature

  • jakarta.security.auth.message

  • jakarta.security.auth.message.callback

  • jakarta.security.auth.message.config

  • jakarta.security.auth.message.module

  • jakarta.security.enterprise

  • jakarta.security.enterprise.authentication.mechanism.http

  • jakarta.security.enterprise.authentication.mechanism.http.openid

  • jakarta.security.enterprise.credential

  • jakarta.security.enterprise.identitystore

  • jakarta.security.enterprise.identitystore.openid

Liberty API packages provided by this feature

  • com.ibm.websphere.security.auth.callback

  • com.ibm.websphere.security.web

  • com.ibm.wsspi.security.auth.callback

  • com.ibm.wsspi.security.common.auth.module

  • com.ibm.wsspi.security.tai

  • com.ibm.wsspi.security.token

Features that this feature enables

Supported Java versions

  • JavaSE-11.0

  • JavaSE-17.0

  • JavaSE-21.0

  • JavaSE-22.0

Features that enable this feature

Developing a feature that depends on this feature

If you are developing a feature that depends on this feature, include the following item in the Subsystem-Content header in your feature manifest file.

io.openliberty.appSecurity-5.0; type="osgi.subsystem.feature"