Moving liberty to its own yml file, and updating for new application

build.gradle

@@ -64,6 +64,7 @@ ext {
 liberty {
     server {
         name = "defaultServer"
+        looseApplication = false
 
         configFile = file("liberty/server.xml")
 

liberty.yml

@@ -0,0 +1,52 @@
+version: '3'
+volumes:
+    krb5kdc-data:
+services:
+  liberty:
+    build: liberty
+    ports:
+      - "9080:9080"
+      - "443:443"
+    environment:
+      - KRB5_REALM=EXAMPLE.COM
+      - KRB5_KDC=kerberos
+    depends_on: 
+      - "db2"
+    networks:
+      krbnet:
+        ipv4_address: 10.5.0.4 
+    volumes:
+      - ./trace/liberty/logs:/logs
+  db2:
+    build: db2
+    ports:
+      - "50000:50000"
+    environment:
+      - KRB5_REALM=EXAMPLE.COM
+      - KRB5_KDC=kerberos
+    privileged: True
+    depends_on: 
+      - "kerberos"
+    networks:
+      krbnet:
+        ipv4_address: 10.5.0.5
+  kerberos:
+    build: kdc-server
+    ports:
+      - "88:88"
+      - "464:464"
+      - "749:749"
+    environment:
+      - KRB5_REALM=EXAMPLE.COM
+      - KRB5_KDC=localhost
+      - KRB5_PASS=password
+    volumes:
+      - krb5kdc-data:/var/lib/krb5kdc
+    networks:
+      krbnet:
+        ipv4_address: 10.5.0.9
+networks:
+  krbnet:   
+    ipam:
+      config:
+        - subnet: 10.5.0.0/16

liberty/Dockerfile

@@ -16,7 +16,7 @@ RUN chmod a+x /docker-entrypoint.sh
 #COPY /updates /liberty
 
 COPY server.xml /opt/ol/wlp/usr/servers/defaultServer/server.xml
-COPY ./build/libs/was-kerberos-database.war /opt/ol/wlp/usr/servers/defaultServer/dropins/was-kerberos-database.war
+COPY ./build/libs/was-kerberos-database.war /opt/ol/wlp/usr/servers/defaultServer/apps/was-kerberos-database.war
 COPY ./build/dependencies/db2jcc.jar /opt/ol/wlp/usr/shared/db2jcc.jar
 COPY ./build/libs/krb5LoginModule.jar /opt/ol/wlp/usr/shared/krb5LoginModule.jar
 COPY jaas.conf /kerberos/jaas.conf

liberty/server.xml

@@ -1,7 +1,6 @@
 <server>
 
   <featureManager>
-    <feature>spnego-1.0</feature>
     <feature>servlet-4.0</feature>
     <feature>jdbc-4.2</feature>
     <feature>appSecurity-2.0</feature>
@@ -17,16 +16,40 @@
     <fileset dir="/opt/ol/wlp/usr/shared/" includes="krb5LoginModule.jar"/>
   </library>
 
+  <webApplication id="was-kerberos-database" location="was-kerberos-database.war" name="was-kerberos-database">
+    <application-bnd>
+      <security-role name="Manager" id="Manager">
+        <user name="user1"/>
+      </security-role>
+      <security-role name="Employee" id="Employee">
+        <user name="user2"/>
+      </security-role>
+    </application-bnd>
+  </webApplication>
+
+  <basicRegistry realm="defaultRealm">
+    <user password="password" name="user1"/>
+    <user password="password" name="user2" />
+  </basicRegistry>
+
+  <!--
   <jaasLoginContextEntry id="krb5JAASLoginEntry" name="krb5JAASLoginEntry" loginModuleRef="krb5LoginModule" />
 	<jaasLoginModule id="krb5LoginModule" className="com.ibm.security.auth.module.Krb5LoginModule" controlFlag="REQUIRED" libraryRef="loginLib">
     <options credsType="both" useKeytab="/etc/krb5.keytab" principal="db2user/[email protected]"/>
   </jaasLoginModule>
+-->
   <dataSource id="db2ds" jndiName="jdbc/db2ds"> <!--jaasLoginContextEntry="krb5JAASLoginEntry">-->
     <jdbcDriver libraryRef="DB2JCCLib"/>
     <properties.db2.jcc databaseName="TESTDB" serverName="db2" portNumber="50000"/> <!--securityMechanism="11" KerberosServerPrincipal="db2user/[email protected]"/>-->
     <containerAuthData user="db2user"  password="password"/>
   </dataSource>
 
+  <dataSource id="noKrb5" jndiName="jdbc/nokrb5"> <!--jaasLoginContextEntry="krb5JAASLoginEntry">-->
+    <jdbcDriver libraryRef="DB2JCCLib"/>
+    <properties.db2.jcc databaseName="TESTDB" serverName="db2" portNumber="50000"/> <!--securityMechanism="11" KerberosServerPrincipal="db2user/[email protected]"/>-->
+    <containerAuthData user="db2user"  password="password"/>
+  </dataSource>
+
   <!--
   <spnego
     includeClientGSSCredentialInSubject="true"