WebSphere Application Server Liberty overview

Liberty is a lightweight Java™ runtime that is ideal for building microservices, modern monolithic applications, and anything in between. It is built on the open source Open Liberty runtime and is compatible with MicroProfile and Jakarta EE.

WebSphere Liberty and Open Liberty

The following capabilities are available and supported only in the WebSphere® Liberty runtime. Otherwise, the WebSphere Liberty and Open Liberty runtimes are the same.
  • High availability and clustering in virtual machines (VM) with Liberty collectives
  • Product installation with Installation Manager
  • Ability to use Java™ EE 6 technologies
  • Through the heritageAPIs-1.0 feature, the ability to migrate WebSphere Application Server traditional applications that use certain deprecated programming models to Liberty without changing the code
  • For z/OS platformsWebSphere Liberty on z/OS® operating systems
  • For IBM i platformsWebSphere Liberty on IBM i operating systems

Most Liberty features and capabilities are now documented on Open Liberty the Open Liberty website. However, capabilities that are specific to WebSphere Liberty and some older features and capabilities are documented only in the WebSphere Liberty documentation. Features that are valid for both runtimes are documented in both WebSphere Liberty and Open Liberty, although the extent of what is documented about a feature can vary between the two documentation sets. For more information, see Where to find Liberty documentation.

WebSphere Application Server Network Deployment Liberty is not available as a stand-alone product. To get entitlement to WebSphere Application Server Network Deployment Liberty, order WebSphere Application Server Network Deployment traditional. Entitlement to WebSphere Application Server Network Deployment traditional includes entitlement to the WebSphere Application Server Network Deployment traditional component and the WebSphere Application Server Network Deployment Liberty component.

Open Liberty is open source and free to use. However, when you purchase a WebSphere Application Server or WebSphere Application Server Network Deployment license, you also get IBM support for your Open Liberty instances.

A flexible runtime with a focus on developer experience

Liberty is a flexible solution for developing and deploying all kinds of applications. Its modular structure is based around features, which enable the runtime capabilities your application needs. Whether you're developing cloud-native Java microservices with MicroProfile, or modern monolithic applications, enable the features that you want and Liberty automatically adds any dependencies for you. For a list of Liberty features, see Liberty features. You can also create your own features, as described in Extending Liberty.

Distributed: [AIX MacOS Linux Windows]Liberty helps you to be productive with tools of your choice. Liberty Tools are intuitive developer tools for the Eclipse IDE, Visual Studio Code, and IntelliJ IDEA development environments. These tools enable fast iterative development with Liberty dev mode and either Maven or Gradle. They also provide code completion, hover descriptions, and configuration diagnostics for MicroProfile API, Jakarta EE API, Liberty configuration, and Java files. For more information, see Open Liberty Develop with Liberty Tools.

Distributed: [AIX MacOS Linux Windows]In dev mode, Liberty automatically detects changes in your code, compiles them, and deploys them to your running server. You can also run tests on demand, or even automatically, so that you get immediate feedback on your changes. For more information, see Open Liberty Dev mode.

Distributed: [AIX MacOS Linux Windows]You can get the Liberty runtime in your internal development environment (IDE) or include it in container images by using Maven or Gradle. Liberty provides custom plug-ins for Maven and Open Liberty Gradle. You can use these plug-ins to pull all the Liberty runtime files that you need from Maven Central and quickly and repeatedly build your code with dev mode.

Deployment of Java applications to the cloud, on VMs, or bare metal

You can deploy applications that run on Liberty in a container to a Kubernetes platform such as Red Hat OpenShift, Azure Kubernetes Service, Elastic Kubernetes, or a cloud provider of your choice. For more information, see Running WebSphere Liberty in a container and Open Liberty the Open Liberty deployment guides.

Use the WebSphere Liberty operator to deploy and manage WebSphere Liberty applications that run in Kubernetes-based clusters. For applications that run on Open Liberty, use the Open Liberty Open Liberty operator. You can also use either operator to gather traces and memory dumps.

Alternatively, you can deploy applications that run on Liberty on VMs or bare metal, as described in Deploying applications in Liberty.

For z/OS platforms

Deployment of Java applications on z/OS systems

You can deploy applications that run on Liberty on z/OS systems, as described in Deploying applications in Liberty.

Liberty provides both a development and an operational environment. On z/OS systems, you can work natively with the operational environment by using the MVS console.

Liberty continuous delivery

A new version of Liberty is released about every 4 weeks. This predictable continuous-delivery release cycle provides a clear expectation of when a new release is available and simplifies keeping up with the latest security fixes and updates. For more information about the Liberty release cycle, see Single Stream Continuous Delivery (SSCD) Software Support Lifecycle Policy: WebSphere Liberty.

Distributed: [AIX MacOS Linux Windows]In addition to IBM Fix Central, every Liberty release is available from Maven Central and IBM Cloud® Container Registry so you can easily pick up the latest updates through build automation.

With Open Liberty zero-migration architecture, the existing APIs and behaviors that your application relies on are preserved and supported in each new release. In just a matter of minutes, you can move to the latest version of Liberty without having to change your application code or configuration.

You can also easily update applications that run on VMs or bare metal to a new Liberty version, either by using IBM Installation Manager or by extracting downloaded archives. For more information, see Installing Liberty.

Application security

Liberty provides a range of built-in security features, including support for Transport Layer Security (TLS) and integration with security frameworks like Java Authentication and Authorization Service (JAAS). It automatically provides role-based access control (RBAC) for your application endpoints by enforcing the security roles that are defined in your Java or Jakarta Enterprise Edition application. It also supports numerous single sign-on solutions, including the following options:
  • JSON Web Tokens
  • OpenID Connect
  • Security Assertion Markup Language (SAML) Web
  • Simple and Protected GSS-API Negotiation Mechanism (SPNEGO)

During development and testing, the built-in basic user registry and the quickStartSecurity configuration element offer easily configurable security frameworks to test access to your application in a lightweight, self-contained manner. When the application is moved to production, you can easily convert the basic user registry to a production-ready LDAP user registry or single sign-on solution. After deployment, Liberty offers functions that support security hardening for applications in production. When your application runs in production, Liberty provides extensive auditing of security events that can be written to an encrypted and signed audit log to help ensure the integrity of your deployment. For more information, see Open Liberty security hardening for applications in production.

The modular structure of Liberty presents a smaller attack surface than other Java runtimes. You enable only the features and capabilities that you need, which helps reduce the risk of vulnerabilities. And the Liberty four-week release cycle provides the latest security fixes to protect your applications from emerging threats and vulnerabilities. For more information, see Securing Liberty and its applications.

Observability and monitoring

[24.0.0.9 and later]Open Liberty Observability is not a one-time task but an ongoing process that must be integrated into your development lifecycle. Implementing observability in your microservices involves a combination of metrics, logging, and tracing. With MicroProfile Telemetry 2.0 and later, you can manage Liberty logs, metrics, and traces in a standardized way by using the OpenTelemetry protocol. For more information, see Collect logs, metrics, and traces with OpenTelemetry.

If you run applications in Kubernetes-based clusters, you can use the WebSphere Liberty operator with tools of your choice to observe your Liberty runtime. For more information, see Observing with the WebSphere Liberty operator.