updates to 26.0.0.5-beta blog

navaneethsnair1 · navaneethsnair1 · commit 451c8640e06f · 2026-05-06T14:15:45.000+05:30
diff --git a/blog_tags.json b/blog_tags.json
@@ -2,7 +2,7 @@
     "blog_tags": [
         {
             "name": "announcements",
-            "posts": ["26.0.0.4", "26.0.0.4-beta", 
+            "posts": ["26.0.0.5-beta", "26.0.0.4", "26.0.0.4-beta", 
                       "26.0.0.3", "26.0.0.3-beta", 
                       "26.0.0.2", "26.0.0.2-beta", 
                       "26.0.0.1", "26.0.0.1-beta", 
@@ -199,7 +199,7 @@
         },
         {
             "name": "release",
-            "posts": ["26.0.0.4", "26.0.0.4-beta", 
+            "posts": ["26.0.0.5-beta", "26.0.0.4", "26.0.0.4-beta", 
                       "26.0.0.3", "26.0.0.3-beta", 
                       "26.0.0.2", "26.0.0.2-beta", 
                       "26.0.0.1", "26.0.0.1-beta", 
@@ -279,7 +279,8 @@
         },
         {
             "name": "beta",
-            "posts": ["26.0.0.4-beta", "26.0.0.3-beta", "26.0.0.2-beta", 
+            "posts": ["26.0.0.5-beta", "26.0.0.4-beta",
+                      "26.0.0.3-beta", "26.0.0.2-beta", 
                       "26.0.0.1-beta", "mcp-standalone-blog",
                       "25.0.0.12-beta", "25.0.0.11-beta",
                       "25.0.0.10-beta","25.0.0.9-beta",
@@ -335,7 +336,8 @@
         },
         {
             "name": "security",
-            "posts": ["26.0.0.4", "26.0.0.4-beta", "26.0.0.3", 
+            "posts": ["26.0.0.5-beta", "26.0.0.4", 
+                      "26.0.0.4-beta", "26.0.0.3", 
                       "25.0.0.12", "25.0.0.12-beta", 
                       "25.0.0.9", "25.0.0.9-beta", 
                       "25.0.0.3", "25.0.0.3-beta",
diff --git a/posts/2026-05-05-26.0.0.5-beta.adoc b/posts/2026-05-05-26.0.0.5-beta.adoc
@@ -44,21 +44,20 @@ The link:{url-about}[Open Liberty] 26.0.0.5-beta includes the following beta fea
 See also link:{url-prefix}/blog/?search=beta&key=tag[previous Open Liberty beta blog posts].
 
 // // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
-// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/33838
+// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/34763
 // Contact/Reviewer: martindrozdz
 // // // // // // // // 
 [#mcp]
 == Updates to `mcpServer-1.0`
 
-The link:https://modelcontextprotocol.io/docs/getting-started/intro[Model Context Protocol (MCP)] is an open standard that enables AI applications to access real-time information from external sources. The Liberty MCP Server feature `mcpServer-1.0` allows developers to expose the business logic of their applications, allowing it to be integrated into agentic AI workflows.
+The link:https://modelcontextprotocol.io/docs/getting-started/intro[Model Context Protocol (MCP)] is an open standard that enables AI applications to access real-time information from external sources. The Liberty MCP Server feature `mcpServer-1.0` allows developers to expose the business logic or data from their applications, allowing it to be integrated into agentic AI workflows.
 
 This beta release of Liberty includes important updates to the `mcpServer-1.0` feature, including configurable endpoint paths and notable bug fixes.
 
 === Prerequisites
 To use the `mcpServer-1.0` feature, it is required to have `Java 17` or later installed on your system.
 
-=== Configure custom MCP endpoint paths (Currently disabled pending review - testing revealed inconsistent behavior across multiple modules)
-
+=== Configure custom MCP endpoint paths 
 Previously, the MCP endpoint was hard-coded to `/mcp` under the web application context root. You can now configure custom endpoint paths to better suit your application architecture and naming conventions.
 
 ==== Single Application Configuration
@@ -67,76 +66,30 @@ For a single application, configure the endpoint path directly in the `<mcpServe
 
 [source,xml]
 ----
-<server description="Liberty server with custom MCP endpoint">
+<server description="Configurable Mcp Path Liberty server">
 
   <featureManager>
     <feature>servlet-6.0</feature>
     <feature>cdi-4.0</feature>
     <feature>mcpServer-1.0</feature>
   </featureManager>
 
-  <httpEndpoint id="defaultHttpEndpoint"
-                httpPort="9080"
-                httpsPort="9443"/>
+  <application location="configurableMcpPathTests.war">
+  	<mcpServer path="/custom-mcp"/>
+  </application>
 
-  <!-- Configure custom MCP endpoint path -->
-  <mcpServer endpoint="/custom-mcp"/>
+  <include location="../fatTestPorts.xml" />
 
 </server>
 ----
 
 With this configuration, MCP server can be accessed at `/custom-mcp` instead of the default `/mcp` path.
 
-==== Multiple Application Configuration
-
-For applications with multiple modules or when you need different endpoint paths for different parts of your application, configure the MCP server settings under the `<application>` element:
-
-[source,xml]
-----
-<server description="Liberty server with multiple MCP endpoints">
-
-  <featureManager>
-    <feature>servlet-6.0</feature>
-    <feature>cdi-4.0</feature>
-    <feature>mcpServer-1.0</feature>
-  </featureManager>
-
-  <httpEndpoint id="defaultHttpEndpoint"
-                httpPort="9080"
-                httpsPort="9443"/>
-
-  <application name="myApp" location="myApp.ear" type="ear">
-    <!-- Configure MCP endpoint for specific module -->
-    <mcpServer moduleName="module1" name="default" path="/api/mcp"/>
-    <mcpServer moduleName="module2" name="default" path="/services/mcp"/>
-  </application>
-
-</server>
-----
-
-This configuration supports the following:
-
-* Define different endpoint paths for different modules within the same application
-* Use descriptive paths that align with your API structure
-* Support future extensibility for multiple MCP endpoints within a single module
-
-==== Configuration Options
+=== Configuration Options
 
 The `<mcpServer>` element supports the following attributes:
 
-* *endpoint* (single app): The custom path for the MCP endpoint (e.g., `/custom-mcp`)
-* *moduleName* (multi-app): The name of the module to configure
-* *name* (multi-app): The identifier for the MCP server configuration (typically "default")
-* *path* (multi-app): The custom path for the MCP endpoint
-
-==== Benefits
-
-Configurable endpoint paths provide:
-
-* *Flexibility*: Align MCP endpoints with your existing API structure
-* *Multi-tenancy support*: Different paths for different applications or modules
-* *Future-proofing*: Foundation for supporting multiple MCP endpoints per application
-* *Better organization*: Descriptive paths that reflect the purpose of each endpoint
+- **path** (single app): The custom path for the MCP endpoint (for example, `/custom-mcp`)
 
 === Notable bug fixes in this release for `mcpServer-1.0`
 
@@ -194,8 +147,8 @@ This has been fixed to ensure proper isolation of encoder beans per application,
 // DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 
 
 // // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
-// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/33838
-// Contact/Reviewer: martindrozdz
+// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/34374
+// Contact/Reviewer: rangaran
 // // // // // // // // 
 [#transportSecurity]
 == Transport Security
@@ -204,27 +157,24 @@ Liberty uses the default cipher list from the JDK. The `securityLevel` attribute
 
 This change modifies the existing attribute `enabledCiphers` in the `ssl` config.
 
-Liberty's `securityLevel` based cipher categories no longer provide meaningful value. The `MEDIUM` and `LOW` categories contain no remaining ciphers and `securityLevel` `HIGH` does not sync up (or not the same) with/as the JDK defaults.
+Liberty's `securityLevel` based cipher categories no longer provide meaningful value. The `MEDIUM` and `LOW` categories contain no remaining ciphers.
 
-The `enabledCiphers` attribute includes a new syntax option to add '+' or remove '–' specific ciphers from the JDK default list without redefining everything. A static list and +/- syntax in the same `enabledCiphers` entry is not allowed. If the value set in `enabledCiphers` contains a static entry and a +/- entry, an error is logged, and the server ignores the `enabledCiphers` value by returning the JDK default list.
+The `enabledCiphers` attribute includes a new syntax option to add '+' or remove '–' specific ciphers from the effective JDK cipher list without redefining everything. A static list and +/- syntax in the same `enabledCiphers` entry is not allowed. If the value set in `enabledCiphers` contains a static entry and a +/- entry, an error is logged, and the server ignores the `enabledCiphers` value by returning the effective JDK cipher list.
 
 *Example Usage*
 
 [source,xml]
 ----
 <ssl id="defaultSSL" securityLevel="HIGH"/>
-<ssl id="defaultSSL" securityLevel="CUSTOM" enabledCiphers="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ..."/>
-<ssl id="defaultSSL" securityLevel="CUSTOM" enabledCiphers="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384..../"> 
-<!-- basically everything except TLS_RSA ciphers from the effective jdk list -->
+<ssl id="defaultSSL" securityLevel="CUSTOM" enabledCiphers="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384..../"> <!-- basically everything except TLS_RSA ciphers from the effective jdk list -->
+<ssl id="defaultSSL" securityLevel="CUSTOM" enabledCiphers="TLS_RSA_WITH_AES_128_GCM_SHA256"/>
 ----
 
-*Example with proposed change*
+*Example with new syntax*
 
 [source,xml]
 ----
-<ssl id="defaultSSL"/>
-<ssl id="defaultSSL" enabledCiphers="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"/>
-<ssl id="defaultSSL" enabledCiphers="-TLS_RSA*"/>
+<ssl id="defaultSSL" enabledCiphers="-TLS_RSA* +TLS_RSA_WITH_AES_128_GCM_SHA256"/>
 ----
 
 To learn more about Transport Security, see link:https://openliberty.io/docs/modules/reference/23.0.0.6/com.ibm.websphere.appserver.api.ssl_1.5-javadoc/com/ibm/websphere/ssl/Constants.html[SSL Constants Javadoc], link:https://openliberty.io/docs/modules/reference/23.0.0.6/com.ibm.websphere.appserver.api.ssl_1.5-javadoc/com/ibm/websphere/ssl/JSSEProvider.html[JSSEProvider Javadoc], and link:https://openliberty.io/docs/latest/reference/config/ssl.html[SSL Configuration Reference].
@@ -234,7 +184,8 @@ To learn more about Transport Security, see link:https://openliberty.io/docs/mod
 [#run]
 === Try it now
 
-To try out these features, update your build tools to pull the Open Liberty All Beta Features package instead of the main release. The beta works with Java SE 21, Java SE 17, Java SE 11, and Java SE 8.
+To try out these features, update your build tools to pull the Open Liberty All Beta Features package instead of the main release. To enable the MCP server feature, follow the instructions from link:https://openliberty.io/blog/2025/10/23/mcp-standalone-blog.html[MCP standalone blog]. The beta works with Java SE 25, Java SE 21, Java SE 17, Java SE 11, and Java SE 8.
+
 // // // // // // // //
 // In the preceding section:
 // Check if a new non-LTS Java SE version is supported that needs to be added to the list (21, 17, 11, and 8 are LTS and will remain for a while)
