---
layout: post
title: "Jakarta EE 10 Platform and MicroProfile 6 in Open Liberty 22.0.0.13-beta"
# Do NOT change the categories section
categories: blog
author_picture: https://avatars3.githubusercontent.com/mbroz2
author_github: https://github.com/mbroz2
seo-title: Jakarta EE 10 Platform and MicroProfile 6 in Open Liberty 22.0.0.13-beta - OpenLiberty.io
seo-description: Open Liberty 22.0.0.13-beta makes available Jakarta EE Platform 10.0, and with it Web Profile 10.0, Jakarta Authentication 3.0, Jakarta Authorization 2.1, Jakarta Security 3.0, and Jakarta Faces 4.0.  MicroProfile 6 is also included in this beta release, as well as the ability to configure a maximum age for FFDC files.

blog_description: Open Liberty 22.0.0.13-beta makes available Jakarta EE Platform 10.0, and with it Web Profile 10.0, Jakarta Authentication 3.0, Jakarta Authorization 2.1, Jakarta Security 3.0, and Jakarta Faces 4.0.  MicroProfile 6 is also included in this beta release, as well as the ability to configure a maximum age for FFDC files.

open-graph-image: https://openliberty.io/img/twitter_card.jpg
open-graph-image-alt: Open Liberty Logo
---
= Jakarta EE 10 Platform and MicroProfile 6 in Open Liberty 22.0.0.13-beta
Michal Broz <https://github.com/mbroz2>
:imagesdir: /
:url-prefix:
:url-about: /
//Blank line here is necessary before starting the body of the post.

With Open Liberty 22.0.0.13-beta we're excited to announce many new features and functions, beginning with Jakarta EE Web Profile 10.0 and Jakarta EE Platform 10.0! To make that possible, this release also includes the last remaining Jakarta EE 10 features that had not previously been part of a beta: Jakarta Authentication 3.0, Jakarta Authorization 2.1, Jakarta Security 3.0, and Jakarta Faces 4.0.


Similar to Jakarta EE 10 features, we've also been releasing various MicroProfile 6 features in the recent beta releases, and the 22.0.0.13-beta marks the first release that includes all of MicroProfile 6! Also provided in this beta release is the ability to automatically purge FFDC log files after they reach a configured age.



// // // // // // // //
// Change the RELEASE_SUMMARY to an introductory paragraph. This sentence is really
// important because it is supposed to grab the readers attention.  Make sure to keep the blank lines 
//
// Throughout the doc, replace 22.0.0.13-beta with the version number of Open Liberty, eg: 22.0.0.2-beta
// // // // // // // //

The link:{url-about}[Open Liberty] 22.0.0.13-beta includes the following beta features (along with link:{url-prefix}/docs/latest/reference/feature/feature-overview.html[all GA features]):

* <<jakarta10, Jakarta EE 10 Platform and Web Profile>> 
** <<authentication, Application Authentication 3.0 (Jakarta Authentication 3.0)>>
** <<authorization, Application Authorization 2.1 (Jakarta Authorization 2.1)>>
** <<security, Application Security 5.0 (Jakarta Security 3.0)>>
** <<faces, Jakarta Faces 4.0>>
* <<mp6, MicroProfile 6.0>>
* <<maxFfdcAge, Configurable maximum FFDC age>>



See also link:{url-prefix}/blog/?search=beta&key=tag[previous Open Liberty beta blog posts].

// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23358
// Contact/Reviewer: ReeceNana,jhanders34
// // // // // // // // 
[#jakarta10]
== Jakarta EE 10 Platform and Web Profile

In the Open Liberty 22.0.0.9-beta, we made available Jakarta EE 10 Core Profile and ever since we've been hard at work releasing more Jakarta EE 10 features with each subsequent beta.  We're proud to announce that the 22.0.0.13-beta is the culmination of that effort and makes available Jakarta EE 10.0 Application Client, Jakarta EE Web Profile 10.0, and Jakarta EE Platform 10.0.

Liberty provides convenience features for running all of the component specifications that are contained in the Jakarta EE Web Profile and Jakarta EE Platform. The `webProfile-10.0` and `jakartaee-10.0` Liberty features provide the Jakarta EE Web Profile and Jakarta EE Platform version 10 Liberty features respectively.  For Jakarta EE 10 features in the application client, use the `jakartaeeClient-10.0` Liberty feature.



Using these convenience features enables developers to rapidly develop applications using all of the APIs contained in the Web Profile and Platform specifications.  Unlike the `webProfile-9.1` Liberty feature, the `webProfile-10` Liberty feature does not enable the XML Binding feature, because XML Binding is not a Web Profile component specification. If your application relies on XML Binding APIs, you must explicitly enable the `xmlBinding-4.0` Liberty feature when using the `webProfile-10.0` Liberty feature.



To enable the Jakarta EE 10 beta features in your application’s `server.xml`:
[source,xml]
----
  <featureManager>
    <feature>jakartaee-10.0</feature>
  </featureManager>
----
Or you can add the Web Profile convenience feature to enable all of the Jakarta EE 10 Web Profile beta features at once:
[source,xml]
----
  <featureManager>
    <feature>webProfile-10.0</feature>
  </featureManager>
----
To run Jakarta EE 10 features on the Application Client Container in your application's `client.xml`:
[source,xml]
----
 <featureManager>
       <feature>jakartaeeClient-10.0</feature>
 </featureManager>
----
For more information see the https://jakarta.ee/specifications/platform/10/[Jakarta EE Platform 10 Specification] and the https://jakarta.ee/specifications/webprofile/10/[Jakarta EE Web Profile 10 Specification].
    
    
// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 

// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23356
// Contact/Reviewer: ReeceNana,arkarkala
// // // // // // // // 
[#authentication]
== Application Authentication 3.0 (Jakarta Authentication 3.0)
Jakarta Authentication defines a general low-level SPI for authentication mechanisms, which are controllers that interact with a caller and a container's environment to obtain and validate the caller's credentials and pass an authenticated identity (such as name and groups) to the container.



Multiple enhancements are made available in Jakarta Authentication 3.0, including methods to add and remove a single server auth module, and the addition of default methods to `ServerAuth` and `ClientAuth` modules.



You can enable the Jakarta Authentication 3.0 feature by enabling the `appAuthentication-3.0` feature in the server.xml file:
   
[source,xml]
----
    <featureManager>
        <feature>appAuthentication-3.0</feature>
    </featureManager>
----

For more information, see the https://github.com/jakartaee/specifications/blob/master/authentication/3.0/_index.md[Jakarta Authentication 3.0] specification.

    

// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 

// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23355
// Contact/Reviewer: ReeceNana,arkarkala
// // // // // // // // 
[#authorization]
== Application Authorization 2.1 (Jakarta Authorization 2.1)
Jakarta Authorization defines a low-level SPI for authorization modules, which are repositories of permissions facilitating subject based security by determining whether a given subject has a given permission, and algorithms to transform security constraints for specific containers (such as Jakarta Servlet or Jakarta Enterprise Beans) into these permissions.

The Jakarta Authorization 2.1 specification provides enhancements to the Jakarta Authorization 2.0 specification by the addition of new methods to read permissions.  One such addition is the ability to get the `PolicyConfiguration`, which is used for authorization.  Prior to Jakarta Authorization 2.1, the spec did not have the flexibility to read permissions from the `PolicyConfiguration` and required complex wrapper code to get the `PolicyConfiguration`.

   
You can enable the Jakarta Authorization 2.1 feature by using the `appAuthorization-2.1` feature in the server.xml file:
   
[source,xml]
----
    <featureManager>
        <feature>appAuthorization-2.1</feature>
    </featureManager>
----
   
For more information see the https://github.com/jakartaee/specifications/blob/master/authorization/2.1/_index.md[Jakarta Authorization 2.1] specification.    

// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 


// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23315
// Contact/Reviewer: teddyjtorres,ReeceNana
// // // // // // // // 
[#security]
== Application Security 5.0 (Jakarta Security 3.0)

Application Security 5.0 enables support for securing the server runtime environment and applications using Jakarta Security 3.0. The Jakarta Security 3.0 specification allows using built-in authentication mechanisms and identity stores as well as providing your own custom implementations for authenticating users to protected resources. The specification introduces a new built-in authentication mechanism based on the Authorization Code Flow of the OpenID Connect Core 1.0 specification.

Jakarta Security 3.0 allows using the new `@OpenIdAuthenticationMechanismDefinition` annotation to configure a built-in OpenID Connect authentication mechanism to function as an OpenID Connect client, or Relying Party (RP), so that you can use an OpenID Connect Provider (OP) as a single sign-on identity provider. It also introduces the `OpenIdContext` bean and various APIs for handling the access token, identity token, and refresh token.

   
You can use the `@OpenIdAuthenticationMechanismDefinition` annotation in a Web or JAX-RS application to enable an OpenID Connect client for that application. The following example shows a servlet with a minimal `@OpenIdAuthenticationMechanismDefinition` annotation when the OP is a Liberty OP:

[source,java]
----
@WebServlet("/OidcAnnotatedServlet")
@OpenIdAuthenticationMechanismDefinition(
                providerURI = "https://localhost:8920/oidc/endpoint/OP",
                clientId = "clientId",
                clientSecret = "clientSecret",
                redirectURI = "https://localhost:8940/MyApp/Callback",
                claimsDefinition = @ClaimsDefinition(callerNameClaim = "sub", callerGroupsClaim = "groupIds"))
@DeclareRoles("all")
@ServletSecurity(@HttpConstraint(rolesAllowed = "all"))
public class OidcAnnotatedServlet extends HttpServlet {
…
}
----

You can enable the Application Security 5.0 (Jakarta Security 3.0) feature by using the `appSecurity-5.0` feature in the server.xml file:
   
[source,xml]
----
    <featureManager>
        <feature>appSecurity-5.0</feature>
    </featureManager>
----


For more information about the `@OpenIdAuthenticationMechanismDefinition` annotation and its attributes, refer to the https://jakarta.ee/specifications/security/3.0/jakarta-security-spec-3.0.html#openid-connect-annotation[2.4.4. OpenID Connect Annotation] section of the Jakarta Security 3.0 specification. Please refer to https://javadoc.io/doc/jakarta.security.enterprise/jakarta.security.enterprise-api/latest/jakarta.security/module-summary.html[Jakarta Security Module] for the documentation of the Jakarta Security 3.0 APIs. 

  
// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 

// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23224
// Contact/Reviewer: volosied,pnicolucci,ReeceNana
// // // // // // // // 
[#faces]
== Jakarta Faces 4.0

Jakarta Faces is a Model-View-Controller (MVC) framework for building web applications. It offers many convenient features, such as state management and input validation.

Numerous changes have occurred since the last Jakarta Faces release. Notably, Pages (formerly JSP) support has been removed. Managed Beans support has also been removed, and developers should use CDI beans from this version forward. The namespaces also have been updated from `+http://xmlns.jcp.org/jsf/*+` to `+jakarta.faces.*+`. Otherwise, new attributes have been added to existing tags: `multiple` and `accept` for `h:inputFile` and `onerror` for `f:websocket`. Developers can now create facelets programmatically rather than building them via XML. Extensionless mapping is implemented, so URLs no longer need to include `/faces` or `.xhtml` mappings. Two new tags have been added to create a nested collections (i.e., optgroup containing option elements): `f:selectItemGroups` and `f:selectItemGroup`.  These are just some significant changes, but there are many more.




The `faces-4.0` feature uses MyFaces, but if you want to use an alternative Faces implementation, such as Mojarra 4.0, you can use the `facesContainer-4.0` feature instead. The Faces API and implementation jars just need to be included in the application `WEB-INF/lib` folder. 


You can enable the Jakarta Faces 4.0 feature by using the `faces-4.0` feature in the server.xml file:
   
[source,xml]
----
    <featureManager>
        <feature>faces-4.0</feature>
    </featureManager>
----

To enable the Jakarta Faces 4.0 feature, add `faces-4.0` to the server.xml file:
[source,xml]
----
    <featureManager>
        <feature>facesContainer-4.0</feature>
    </featureManager>
----

You can find more information regarding the many changes in Faces 4.0 in the https://balusc.omnifaces.org/2021/11/whats-new-in-faces-40.html[What's new in Faces 4.0?] article.  The Javadoc, specification documentation, and other information can be found on the https://jakarta.ee/specifications/faces/4.0/[Faces 4.0] page.
    

// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 


// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23328
// Contact/Reviewer: ReeceNana,Emily-Jiang
// // // // // // // // 
[#mp6]
== MicroProfile 6.0   

MicroProfile 6.0 enables applications to use MicroProfile APIs together with Jakarta EE 10 Core Profile. The complete list of MicroProfile 6.0 specifications includes:

* https://jakarta.ee/specifications/coreprofile/10/[Jakarta EE 10 Core Profile]
* https://github.com/eclipse/microprofile-config/releases/tag/3.0.2[MicroProfile Config 3.0]
* https://github.com/eclipse/microprofile-fault-tolerance/releases/tag/4.0.2[MicroProfile Fault Tolerance 4.0]
* https://github.com/eclipse/microprofile-metrics/releases/tag/5.0[MicroProfile Metrics 5.0]
* https://github.com/eclipse/microprofile-health/releases/tag/4.0.1[MicroProfile Health 4.0]
* https://github.com/eclipse/microprofile-telemetry/releases/tag/1.0[MicroProfile Telemetry 1.0]
* https://github.com/eclipse/microprofile-open-api/releases/tag/3.1[MicroProfile OpenAPI 3.1]
* https://github.com/eclipse/microprofile-jwt-auth/releases/tag/2.1[MicroProfile JWT Authentication 2.1]
* https://github.com/eclipse/microprofile-rest-client/releases/tag/3.0.1[MicroProfile Rest Client 3.0]

The following specifications in MicroProfile 6.0 release are either new or have some major or minor update when compared to MicroProfile 5.0:

- MicroProfile Telemetry 1.0 (new spec; find out more in the link:{url-prefix}/blog/2022/09/01/java-19-22.0.0.10-beta.html#microprofile[22.0.0.10-beta post])
- MicroProfile Metrics 5.0 (major update; find out more in the link:{url-prefix}/blog/2022/10/27/22.0.0.12-beta.html#metrics[22.0.0.12-beta post])
- MicroProfile OpenAPI 3.1 (minor update; find out more in the link:{url-prefix}/blog/2022/08/04/jakarta-core-profile-22009-beta.html#microprofile[22.0.0.9-beta post])
- MicroProfile JWT 2.1 (minor update; find out more in the link:{url-prefix}/blog/2022/10/27/22.0.0.12-beta.html#jwt[22.0.0.12-beta post])

MicroProfile 6.0 has the following backward incompatible changes compared to MicroProfile 5.0:

- Incompatible changes from MicroProfile Metrics
- MicroProfile OpenTracing replaced by MicroProfile Telemetry
- Includes Jakarta EE 10 Core Profile instead of the five specifications (CDI, Jakarta Restful Web Services, JSON-B, JSON-P and Annotations) in Jakarta EE 9.1

It's also worth noting that MicroProfile Metrics 5.0 has https://download.eclipse.org/microprofile/microprofile-metrics-5.0.0-RC4/microprofile-metrics-spec-5.0.0-RC4.html#_incompatible_changes[incompatible changes] compared to MicroProfile Metrics 4.0.

You can enable the MicroProfile 6 feature by using the `microProfile-6.0` feature in the server.xml file:

[source,xml]
----
<featureManager>
    <feature>microProfile-6.0</feature>
</featureManager>
----
    
To find out more, take a look at the https://github.com/eclipse/microprofile/releases/tag/6.0-RC3[MicroProfile 6.0 Release].

    
// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 


// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/23235
// Contact/Reviewer: ReeceNana,tonyreigns
// // // // // // // // 
[#maxFfdcAge]
== Configurable maximum FFDC age
   
Open Liberty provides First Failure Data Capture(FFDC) capability which instantly collects information about events and conditions that might lead up to a failure.  In certain scenarios, the number of files in the FFDC directory can grow to a very large amount. Currently, Open Liberty automatically purges FFDC files in excess of 500 and this value is not configurable. This beta release introduces new functionality which automatically purges FFDC log files after they reach a configured age. This is done through a new configuration attribute, `maxFfdcAge`.


`maxFfdcAge` is the maximum desired age before an FFDC file is deleted. At midnight everyday, any FFDC file that has reached the maximum configured age will be deleted. Specify a positive integer followed by a unit of time, which can be days (`d`), hours (`h`), or minutes (`m`). For example, specify 2 days as `2d`. You can include multiple values in a single entry. For example, `2d6h` is equivalent to 2 days and 6 hours.
    
Example server.xml configuration:
[source,xml]
----
<server>
    <logging maxFfdcAge="2d"/>
</server>
----
    
// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 

[#run]
=== Try it now 

To try out these features, just update your build tools to pull the Open Liberty All Beta Features package instead of the main release. The beta works with Java SE 19, Java SE 17, Java SE 11, and Java SE 8.

If you're using link:{url-prefix}/guides/maven-intro.html[Maven], you can install the All Beta Features package using:

[source,xml]
----
<plugin>
    <groupId>io.openliberty.tools</groupId>
    <artifactId>liberty-maven-plugin</artifactId>
    <version>3.3.4</version>
    <configuration>
        <runtimeArtifact>
          <groupId>io.openliberty.beta</groupId>
          <artifactId>openliberty-runtime</artifactId>
          <version>22.0.0.13-beta</version>
          <type>zip</type>
        </runtimeArtifact>
    </configuration>
</plugin>
----

You must also add dependencies to your pom.xml file for the beta version of the APIs that are associated with the beta features that you want to try.  For example, for Jakarta EE 10 and MicroProfile 6, you would include:
[source,xml]
----
<dependency>
    <groupId>org.eclipse.microprofile</groupId>
    <artifactId>microprofile</artifactId>
    <version>6.0-RC3</version>
    <type>pom</type>
    <scope>provided</scope>
</dependency>
<dependency>
    <groupId>jakarta.platform</groupId>
    <artifactId>jakarta.jakartaee-api</artifactId>
    <version>10.0.0</version>
    <scope>provided</scope>
</dependency>
----

Or for link:{url-prefix}/guides/gradle-intro.html[Gradle]:

[source,gradle]
----
dependencies {
    libertyRuntime group: 'io.openliberty.beta', name: 'openliberty-runtime', version: '[22.0.0.13-beta,)'
}
----

Or take a look at our link:{url-prefix}/downloads/#runtime_betas[Downloads page].

[#feedback]
== We welcome your feedback

Let us know what you think on link:https://groups.io/g/openliberty[our mailing list]. If you hit a problem, link:https://stackoverflow.com/questions/tagged/open-liberty[post a question on StackOverflow]. If you hit a bug, link:https://github.com/OpenLiberty/open-liberty/issues[please raise an issue].