Merged
Conversation
Japanese blog automation
ayoho
reviewed
Feb 9, 2026
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
| This beta release of Open Liberty includes important updates to the `mcpServer-1.0` feature including role-based authorization, request IDs, the `_meta` field, and a few bug fixes. | ||
|
|
||
| === Prerequisites | ||
| To use the `mcpServer-1.0` feature, `Java 17` or later must be installed on the system. |
Member
There was a problem hiding this comment.
Suggested change
| To use the `mcpServer-1.0` feature, `Java 17` or later must be installed on the system. | |
| To use the `mcpServer-1.0` feature, Java 17 or later must be installed on the system. |
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
| === Prerequisites | ||
| To use the `mcpServer-1.0` feature, `Java 17` or later must be installed on the system. | ||
|
|
||
| === Implement Role-based authorization for MCP tools via annotations |
Member
There was a problem hiding this comment.
Suggested change
| === Implement Role-based authorization for MCP tools via annotations | |
| === Implement role-based authorization for MCP tools via annotations |
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
| The following new annotations allow you to restrict tool usage through authorization policies: | ||
|
|
||
| . `@DenyAll` - Resource is denied. This is the strictest policy. | ||
| . `@RolesAllowed` - Resource is allowed for pre-authorised users in a role (same as a group in liberty). |
Member
There was a problem hiding this comment.
Suggested change
| . `@RolesAllowed` - Resource is allowed for pre-authorised users in a role (same as a group in liberty). | |
| . `@RolesAllowed` - Resource is allowed for pre-authorised users in a role (same as a group in Liberty). |
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
| ==== Steps required | ||
|
|
||
| * Create an application with `@ApplicationScoped` and expose the tool with the required annotations. | ||
| * Create a `server.xml` with users |
Member
There was a problem hiding this comment.
Just for my own edification, does this extend to things like LDAP registries? Or is this just limited to basic registries?
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
|
|
||
| * Create an application with `@ApplicationScoped` and expose the tool with the required annotations. | ||
| * Create a `server.xml` with users | ||
| * Ensure that the groups map to the Roles created in the Tool |
Member
There was a problem hiding this comment.
Suggested change
| * Ensure that the groups map to the Roles created in the Tool | |
| * Ensure that the groups map to the roles created in the tool |
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
|
|
||
| In other situations we could also add multiple roles to tools: `@RolesAllowed("Admins, Moderators")`. This could make sense if the roles would have no overlapping users. | ||
|
|
||
| _**Authorization Configuration**_ |
Member
There was a problem hiding this comment.
Suggested change
| _**Authorization Configuration**_ | |
| **Authorization Configuration** |
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
| </server> | ||
| ---- | ||
|
|
||
| If another role were added to the code, say `RoleDoesNotExistInServerConfig` then any user (for e.g. Sally) was trying to authenticate with `@RolesAllowed("RoleDoesNotExistInServerConfig")` would not be able to have access to the resource until that role had a group created for it in the `server.xml` file and that user was mapped to that group. |
Member
There was a problem hiding this comment.
Suggested change
| If another role were added to the code, say `RoleDoesNotExistInServerConfig` then any user (for e.g. Sally) was trying to authenticate with `@RolesAllowed("RoleDoesNotExistInServerConfig")` would not be able to have access to the resource until that role had a group created for it in the `server.xml` file and that user was mapped to that group. | |
| If a new role like `RoleDoesNotExistInServerConfig` were added to the code, any user (e.g., Sally) attempting to authenticate with a resource annotated with `@RolesAllowed("RoleDoesNotExistInServerConfig")` would be denied access to the resource. Access would only be granted after creating a corresponding group for that role in the server.xml file and mapping the user to that group. |
posts/2026-02-10-26.0.0.2-beta.adoc
Outdated
|
|
||
| === Notable bug fixes in MCP 1.0 | ||
|
|
||
| ==== 1) MCP Server feature used ISO-8859-1 and did not handle non-latin characters |
Member
There was a problem hiding this comment.
Suggested change
| ==== 1) MCP Server feature used ISO-8859-1 and did not handle non-latin characters | |
| ==== 1) MCP Server feature used ISO-8859-1 and did not handle non-Latin characters |
updates to 26.0.0.2-beta blog
IsmathBadsha
approved these changes
Feb 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Link to the blog here