-
Notifications
You must be signed in to change notification settings - Fork 72
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #4218 from OpenLiberty/staging
Publish 25.0.0.1 beta and Japanese 2 year anniversary posts
- Loading branch information
Showing
3 changed files
with
394 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,165 @@ | ||
| --- | ||
| layout: post | ||
| title: "Stronger password encryption and new InstantOn-supported features in 25.0.0.1-beta" | ||
| # Do NOT change the categories section | ||
| categories: blog | ||
| author_picture: https://avatars3.githubusercontent.com/dmuelle | ||
| author_github: https://github.com/dmuelle | ||
| seo-title: Stronger password encryption and new InstantOn-supported features in 25.0.0.1-beta - OpenLiberty.io | ||
| seo-description: The 25.0.0.1-beta release includes 256-bit AES password encryption and new additions to the collection of InstantOn-supported features. | ||
| blog_description: The 25.0.0.1-beta release includes 256-bit AES password encryption and new additions to the collection of InstantOn-supported features. | ||
| open-graph-image: https://openliberty.io/img/twitter_card.jpg | ||
| open-graph-image-alt: Open Liberty Logo | ||
| --- | ||
| = Stronger password encryption and new InstantOn-supported features in 25.0.0.1-beta | ||
| David Mueller <https://github.com/dmuelle> | ||
| :imagesdir: / | ||
| :url-prefix: | ||
| :url-about: / | ||
|
|
||
| The 25.0.0.1-beta release includes 256-bit AES password encryption and new additions to the collection of InstantOn-supported features. | ||
|
|
||
| * <<aes, Support for AES-256 password encryption>> | ||
| * <<instant, InstantOn support for Batch and Connectors Inbound Security features>> | ||
|
|
||
| See also link:{url-prefix}/blog/?search=beta&key=tag[previous Open Liberty beta blog posts]. | ||
|
|
||
| // // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // | ||
| // Blog issue: https://github.com/OpenLiberty/open-liberty/issues/30261 | ||
| // Contact/Reviewer: Zech-Hein | ||
| // // // // // // // // | ||
| [#aes] | ||
| == Support for AES-256 password encryption | ||
|
|
||
| Open Liberty supports Advanced Encryption Standard (AES) encryption for passwords that are stored in the `server.xml` file. This AES encryption now uses an AES-256 bit key. For AES decryption, Open Liberty supports both AES-128 and AES-256. Previously, Open Liberty AES password encryption and decryption used only a 128-bit key. The 256-bit key provides stronger encryption, making encrypted passwords more secure. | ||
|
|
||
| To encrypt a password with AES-256 encryption, run the `securityUtility encode` command from the `wlp/bin` directory with the `--encoding=aes` option. | ||
|
|
||
| [source,bash] | ||
| ---- | ||
| securityUtility encode --encoding=aes superAES256password | ||
| ---- | ||
|
|
||
| The response is a 256-bit AES encrypted password, similar to the following example: | ||
|
|
||
| [source,bash] | ||
| ---- | ||
| {aes}ARD63x6FQx6+JHq11ngCKqzBXgel9Hc2XfgGGQ1SZHqmpsDFOCIVGke/55Hd9vca0/iktghLeI/bm+/vH8voezWMSk4+6qayrBNU0JeHnLwEIVtjLo0Xd+/BbHhJgsINQOr0zhT1WHSVFjvzYU3vFNYe473cZA== | ||
| ---- | ||
|
|
||
| You can now use this password in your `server.xml` file, for example in your keystore definition: | ||
|
|
||
| [source,xml] | ||
| ---- | ||
| <keyStore id="MyKeyStore" password="{aes}ARD63x6FQx6+JHq11ngCKqzBXgel9Hc2XfgGGQ1SZHqmpsDFOCIVGke/55Hd9vca0/iktghLeI/bm+/vH8voezWMSk4+6qayrBNU0JeHnLwEIVtjLo0Xd+/BbHhJgsINQOr0zhT1WHSVFjvzYU3vFNYe473cZA==" /> | ||
| ---- | ||
|
|
||
| For more information, see the following resources: | ||
|
|
||
| - link:{url-prefix}/docs/latest/reference/command/securityUtility-encode.html[securityUtility encode command] | ||
| - link:{url-prefix}/docs/latest/reference/command/password-encryption.html[Password encryption limitations] | ||
|
|
||
| // DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> | ||
|
|
||
|
|
||
|
|
||
| // // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // | ||
| // Blog issue: https://github.com/OpenLiberty/open-liberty/issues/30077 | ||
| // Contact/Reviewer: SmithaSubbarao | ||
| // // // // // // // // | ||
| [#instant] | ||
| == InstantOn support for Batch and Connectors Inbound Security features | ||
|
|
||
| Open Liberty InstantOn provides fast startup times for MicroProfile and Jakarta EE applications. InstantOn supports link:{url-prefix}/docs/latest/instanton.html#supported-features[a subset of Open Liberty features]. As of the 25.0.0.1-beta release, the following features are enhanced to support InstantOn: | ||
|
|
||
| - link:{url-prefix}/docs/latest/reference/feature/batch-1.0.html[Batch API] (`batch-1.0`) | ||
| - link:{url-prefix}/docs/latest/reference/feature/batch-2.0.html[Jakarta Batch 2.0] (`batch-2.0`) | ||
| - link:{url-prefix}/docs/latest/reference/feature/batch-2.1.html[Jakarta Batch 2.1] (`batch-2.1`) | ||
| - link:{url-prefix}/docs/latest/reference/feature/jcaInboundSecurity-1.0.html[Java Connector Architecture Security Inflow 1.0] (`jcaInboundSecurity-1.0`) | ||
| - link:{url-prefix}/docs/latest/reference/feature/connectorsInboundSecurity-2.0.html[Jakarta Connectors Inbound Security 2.0] (`connectorsInboundSecurity-2.0`) | ||
|
|
||
| This enhancement enables you to rapidly deploy applications that use these features by using Open Liberty InstantOn. For more information, see link:{url-prefix}/docs/latest/instanton.html[Faster startup for containerized applications with Open Liberty InstantOn]. | ||
|
|
||
|
|
||
| // DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> | ||
|
|
||
|
|
||
| [#run] | ||
| === Try it now | ||
|
|
||
| To try out these features, update your build tools to pull the Open Liberty All Beta Features package instead of the main release. The beta works with Java SE 23, 21, 17, 11, and 8. | ||
|
|
||
| If you're using link:{url-prefix}/guides/maven-intro.html[Maven], you can install the All Beta Features package using: | ||
|
|
||
| [source,xml] | ||
| ---- | ||
| <plugin> | ||
| <groupId>io.openliberty.tools</groupId> | ||
| <artifactId>liberty-maven-plugin</artifactId> | ||
| <version>3.11.1</version> | ||
| <configuration> | ||
| <runtimeArtifact> | ||
| <groupId>io.openliberty.beta</groupId> | ||
| <artifactId>openliberty-runtime</artifactId> | ||
| <version>25.0.0.1-beta</version> | ||
| <type>zip</type> | ||
| </runtimeArtifact> | ||
| </configuration> | ||
| </plugin> | ||
| ---- | ||
|
|
||
| You must also add dependencies to your `pom.xml` file for the beta version of the APIs that are associated with the beta features that you want to try. For example, the following block adds dependencies for two example beta APIs: | ||
|
|
||
| [source,xml] | ||
| ---- | ||
| <dependency> | ||
| <groupId>org.example.spec</groupId> | ||
| <artifactId>exampleApi</artifactId> | ||
| <version>7.0</version> | ||
| <type>pom</type> | ||
| <scope>provided</scope> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>example.platform</groupId> | ||
| <artifactId>example.example-api</artifactId> | ||
| <version>11.0.0</version> | ||
| <scope>provided</scope> | ||
| </dependency> | ||
| ---- | ||
|
|
||
| Or for link:{url-prefix}/guides/gradle-intro.html[Gradle]: | ||
|
|
||
| [source,gradle] | ||
| ---- | ||
| buildscript { | ||
| repositories { | ||
| mavenCentral() | ||
| } | ||
| dependencies { | ||
| classpath 'io.openliberty.tools:liberty-gradle-plugin:3.9.1' | ||
| } | ||
| } | ||
| apply plugin: 'liberty' | ||
| dependencies { | ||
| libertyRuntime group: 'io.openliberty.beta', name: 'openliberty-runtime', version: '[25.0.0.1-beta,)' | ||
| } | ||
| ---- | ||
|
|
||
|
|
||
| Or if you're using link:{url-prefix}/docs/latest/container-images.html[container images]: | ||
|
|
||
| [source] | ||
| ---- | ||
| FROM icr.io/appcafe/open-liberty:beta | ||
| ---- | ||
|
|
||
| Or take a look at our link:{url-prefix}/downloads/#runtime_betas[Downloads page]. | ||
|
|
||
| If you're using link:https://plugins.jetbrains.com/plugin/14856-liberty-tools[IntelliJ IDEA], link:https://marketplace.visualstudio.com/items?itemName=Open-Liberty.liberty-dev-vscode-ext[Visual Studio Code] or link:https://marketplace.eclipse.org/content/liberty-tools[Eclipse IDE], you can also take advantage of our open source link:{url-prefix}/docs/latest/develop-liberty-tools.html[Liberty developer tools] to enable effective development, testing, debugging, and application management all from within your IDE. | ||
|
|
||
| For more information on using a beta release, refer to the link:{url-prefix}docs/latest/installing-open-liberty-betas.html[Installing Open Liberty beta releases] documentation. | ||
|
|
||
| [#feedback] | ||
| == We welcome your feedback | ||
|
|
||
| Let us know what you think on link:https://groups.io/g/openliberty[our mailing list]. If you hit a problem, link:https://stackoverflow.com/questions/tagged/open-liberty[post a question on StackOverflow]. If you hit a bug, link:https://github.com/OpenLiberty/open-liberty/issues[please raise an issue]. |
Oops, something went wrong.