+

Search Tips   |   Advanced Search

Liberty features

Features are the units of functionality for the runtime environment loaded into a particular server. The following table lists the Liberty features supported in the Liberty profile of each WAS edition. Product documentation marked with the icon indicates information about assets available only from the Liberty Repository.

Liberty feature Liberty Core WAS WAS ND WAS for z/OS
Java EE 6 Web Profile
beanValidation-1.0 X X X X
cdi-1.0 X X X X
ejbLite-3.1 X X X X
jaxrs-1.1 X X X X
jdbc-4.0 X X X X
jndi-1.0 X X X X
jpa-2.0 X X X X
jsf-2.0 X X X X
json-1.0 X X X X
jsp-2.2 X X X X
managedBeans-1.0 X X X X
servlet-3.0 X X X X
webProfile-6.0 X X X X
Java EE 7 Technologies
concurrent-1.0 X X X X

jsonp-1.0

X X X X

servlet-3.1

X X X X

websocket-1.0

X X X X
Extended Programming Models

couchdb-1.0


X X X
jaxb-2.2
X X X
jaxws-2.2
X X X

jca-1.6


X X X

jcaInboundSecurity-1.0


X X X

jms-1.1


X X X
jmsMdb-3.1
X X X

mdb-3.1


X X X
mongodb-2.0
X X X
wasJmsClient-1.1
X X X
wasJmsSecurity-1.0
X X X
wasJmsServer-1.0
X X X
wmqJmsClient-1.1
X X X
wsSecurity-1.1
X X X
Enterprise OSGi
blueprint-1.0 X X X X
osgi.jpa-1.0 X X X X
wab-1.0 X X X X
Operations
appSecurity-1.0 X X X X
appSecurity-2.0 X X X X
distributedMap-1.0 X X X X
ldapRegistry-3.0 X X X X
localConnector-1.0 X X X X
monitor-1.0 X X X X
oauth-2.0 X X X X

openid-2.0

X X X X

openidConnectClient-1.0

X X X X

openidConnectServer-1.0

X X X X
osgiConsole-1.0 X X X X
restConnector-1.0 X X X X
serverStatus-1.0 X X X X
sessionDatabase-1.0 X X X X
ssl-1.0 X X X X
timedOperations-1.0 X X X X
webCache-1.0 X X X X
Systems Management

adminCenter-1.0

X X X X
clusterMember-1.0

X X
collectiveController-1.0

X X
collectiveMember-1.0 X X X X

dynamicRouting-1.0



X X

scalingController-1.0



X X

scalingMember-1.0



X X
z/OS

zosConnect-1.0




X

zosLocalAdapters-1.0




X
zosSecurity-1.0


X
zosTransaction-1.0


X
zosWlm-1.0


X


Feature descriptions

The following list contains information about the features we can add to the server configuration. Including a feature in the configuration might cause one or more additional features to be loaded automatically. For example, if you include the wab-1.0 feature, the servlet-3.0 and blueprint-1.0 features are loaded automatically. Each feature includes a brief description, and an example of how the feature is declared within the <featureManager> element inside server.xml. For example: 

<server>
  <featureManager>
    <feature>servlet-3.0</feature>
    <feature>localConnector-1.0</feature>
  </featureManager>
</server>

Java EE 6 Web Profile

Bean validation

<feature>beanValidation-1.0</feature>

Validate JavaBeans at each layer of an application. The validation can be applied to all layers of JavaBeans in an application using annotations or a validation.xml deployment descriptor.

Contexts and Dependency Injection (CDI)

<feature>cdi-1.0</feature>

Enable support for the CDI 1.0 specification on the Liberty profile.

EJB Lite subset

<feature>ejbLite-3.1</feature>

Provide support for EJB applications written to the EJB Lite subset of the EJB 3.1 specification.

The following functions are supported:

  • An EJB module packaged in an EAR file
  • EJBs packaged in a WAR file
  • The @Stateful, @Stateless, @Singleton, and @EJB annotations
  • The javax.annotation.security annotations
  • Injection of JPA EntityManager, EntityManagerFactory, and JDBC DataSource into all types of session bean types
  • ejb-jar.xml
  • EJB interceptors
  • No-Interface View
  • Bean managed transactions (UserTransaction)

Java API for RESTful Web Services (JAX-RS)

<feature>jaxrs-1.1</feature>

Provide support for the Java API for RESTful Web Services on the Liberty profile.

  • For EJB applications that use the jaxrs-1.1 server feature, we must enable the ejbLite-3.1 feature in server.xml.

  • For JAX-RS applications that use CDI, we must enable the cdi-1.0 feature in server.xml.

  • For applications that use the global handler services, we must enable the jaxrs-1.1 or the jaxws-2.2 feature in server.xml.

For jaxrs-1.1 feature configuration information, see Java RESTful Services 1.1.

Java Database Connectivity (JDBC)

<feature>jdbc-4.0</feature>

We can take an existing application that uses JDBC and a data source, and deploy the application to a server. The jdbc-4.0 feature provides support for applications that access a database.

Java Naming and Directory Interface (JNDI)

<feature>jndi-1.0</feature>

Provide support for a single JNDI entry definition in the server configuration of the Liberty profile.

Java Persistence API (JPA)

<feature>jpa-2.0</feature>

Provide support for applications that use application-managed and container-managed JPA written to the JPA 2.0 specification. The support is built on Apache OpenJPA with extensions to support the container-managed programming model.

Extended Persistence Context is now available for use with Stateful Session beans.

JavaServer Faces (JSF)

<feature>jsf-2.0</feature>

The jsf-2.0 feature provides support for web applications that use the JSF framework. This framework simplifies the construction of user interfaces.If you include the jsf-2.0 feature, you also include the jsp-2.2 feature, because the JSF framework is an extension of the JSP framework.

JavaScript Object Notation (JSON4J) Library

<feature>json-1.0</feature>

Provide access to the JSON4J library that provides a set of JSON handling classes for Java environments. The JSON4J library provides a simple Java model for constructing and manipulating data to be rendered as JSON data.

JavaServer Pages (JSP)

<feature>jsp-2.2</feature>

If you include the jsf-2.0 feature, you also include the jsp-2.2 feature, because the JSF framework is an extension of the JSP framework. If you include the jsp-2.2 feature, you also include the servlet-3.0 feature.

Managed Beans

<feature>managedBeans-1.0</feature>

The managedBeans-1.0 feature provides support for the Managed Beans 1.0 specification (JSR-316). This feature enables use of the javax.annotation.ManagedBean annotation.

Servlet 3.0

<feature>servlet-3.0</feature>

The servlet-3.0 feature provides support for HTTP Servlets written to the Java Servlet 3.0 specification.

See Secure the Liberty profile and its applications.

Web Profile

<feature>webProfile-6.0</feature>

This feature provides a convenient combination of the Liberty features required to support the Java EE Web Profile.

Java EE 7 Technologies

JavaScript Object Notation Processing

<feature>jsonp-1.0</feature>

Provide a standardized method for constructing and manipulating data to be rendered in JavaScript Object Notation (JSON).

Managed Executors and Thread Factories

<feature>concurrent-1.0</feature>

Enable the creation of managed executor services that allow applications to submit tasks to run concurrently, with thread context managed by the application server. The feature also enables the creation of managed thread factories to create threads that run with the thread context of the component that looks up the managed thread factory.

Servlet 3.1

<feature>servlet-3.1</feature>

The servlet-3.1 feature enables support for HTTP Servlets that are written to the Java Servlet 3.1 specification.

See Servlet 3.1 behavior changes.

WebSockets

<feature>websocket-1.0</feature>

WebSockets is a standard protocol that enables a web browser or client application and a web server application to communicate using one full duplex connection.

See Liberty profile: WebSockets.

Extended Programming Models

CouchDB

<feature>couchdb-1.0</feature>

Provide support for CouchDB instances and associated database connections. Access to CouchDB connections is available either by JNDI lookup or resource injection.

Java Architecture for XML Binding (JAXB)

<feature>jaxb-2.2</feature>

Provide support for the Java Architecture for XML Binding (JAXB) on the Liberty profile.

See JAXB.

Java API for XML-Based Web Services (JAX-WS)

<feature>jaxws-2.2</feature>

Provide support for the Java API for XML-Based Web Services on the Liberty profile.

  • For web applications that support the JAX-WS programming model, we must enable the servlet-3.0 and jaxws-2.2 server features in server.xml.

  • For EJB applications that support the JAX-WS programming model, we must enable the ejbLite-3.1, servlet-3.0, and jaxws-2.2 server features in server.xml.

  • For applications that use the global handler services, we must enable the jaxrs-1.1 or the jaxws-2.2 feature in server.xml.

Java EE Connector Architecture

<feature>jca-1.6</feature>

Provide configuration elements to define instances of connection factories, administered objects, and activation specifications, and to associate these instances with an installed resource adapter.

Java EE Connector Architecture Inbound Security

<feature>jcaInboundSecurity-1.0</feature>

Enable security inflow for resource adapters.

Java Message Service

<feature>jms-1.1</feature>

Enable the configuration of resource adapters to access messaging systems using the Java Message Service API. This also includes the configuration JMS connection factories, queues, topics, and activation specifications. Any JMS resource adapter that complies with the JCA 1.6 specification can be used.

Message-Driven beans

<feature>jmsMdb-3.1</feature>

Provide support for deploying and configuring the JMS resources required for the message-driven beans (MDB) to run within the Liberty profile. This feature enables MDB to interact with either the embedded Liberty messaging or WebSphere MQ.

Message-Driven Beans 3.1

<feature>mdb-3.1</feature>

Enable the use of Message-Driven Enterprise JavaBeans. MDBs allow asynchronous processing of messages within a Java EE component.

MongoDB

<feature>mongodb-2.0</feature>

Provide support for MongoDB instances and associated database connections. Access to MongoDB connections is available either by JNDI lookup or resource injection. The native com.mongodb API performs the database manipulation.

Embedded Liberty Messaging features:

<feature>wasJmsClient-1.1</feature>

Enable support for JMS resource configurations (such as the connection factories, activation specifications, and queue and topic resources) and also provides the client libraries required by the messaging applications to connect to the JMS server on the Liberty profile.

<feature>wasJmsSecurity-1.0</feature>

The wasJmsSecurity-1.0 feature supports secure connections to the messaging engine. When the wasJmsSecurity-1.0 feature is enabled, it starts authenticating and authorizing the users who are trying to connect to the messaging engine. The user is authenticated against the registry defined in server.xml. When the user wants to access a destination such as a topic or a queue, then the user must be granted the required permissions. The access to the destination is defined in the <messagingSecurity> element (the child element of the messagingEngine element) in server.xml. If the wasJmsSecurity-1.0 feature is added and the <messagingSecurity> element is not defined in server.xml, then the users cannot connect to the messaging engine or perform any messaging action (for example, sending or receiving messages from the destinations).

  • Configure the user registry is a prerequisite for the wasJmsSecurity-1.0 feature. Ensure that a user registry is configured before the wasJmsSecurity-1.0 feature is enabled.

  • When we enable the wasJmsSecurity-1.0 feature, we must also configure the <messagingSecurity> element, which is the child element of the <messagingEngine> element, in server.xml. This configuration enables authorized users to access messaging destinations.

<feature>wasJmsServer-1.0</feature>

The wasJmsServer-1.0 feature enables the JMS messaging engine run time to be initialized. The messaging run time is responsible for providing the application connectivity, managing the state of destinations such as topics or queues, and handling quality of service, security, and transactions. This feature also provides support for the inbound connections from the remote messaging applications. The remote messaging applications can connect to the JMS messaging engine through TCP/IP over SSL or non-SSL.

To connect using SSL, we must enable the SSL feature.

WebSphere MQ Messaging feature:

<feature>wmqJmsClient-1.1</feature>

The wmqJmsClient-1.1 feature enables applications to use JMS messaging that connects to a WebSphere MQ server.

Web services security

<feature>wsSecurity-1.1</feature>

The wsSecurity-1.1 feature provides support for securing web services at the message level. To secure web services messages, we must enable this feature and the appSecurity-2.0 and jaxws-2.2 features. Web services security policies defined in a WSDL file are ignored and are not enforced unless the wsSecurity-1.1 feature is enabled.

Enterprise OSGi

Blueprint

<feature>blueprint-1.0</feature>

The blueprint-1.0 feature enables support for deploying OSGi applications that use the OSGi blueprint container specification.With the OSGi AThe blueprint-1.0 feature enables support for deploying OSGi applications that use the OSGi blueprint container specification.Applications support in WAS, we can develop and deploy modular applications that use Java EE and OSGi technologies. See OSGi Applications.

For blueprint-1.0 feature configuration information, see OSGi Blueprint.

OSGi JPA

<feature>osgi.jpa-1.0</feature>

The osgi.jpa-1.0 feature provides JPA support for OSGi applications on the Liberty profile.

For osgi.jpa-1.0 feature configuration information, see OSGi Java Persistence API.

Web application bundle (WAB)

<feature>wab-1.0</feature>

This feature enables support for warnings to be logged when certain operations in the application server are running more slowly than expected. The wab-1.0 feature provides support for WABs that are inside enterprise bundles. The wab-1.0 feature provides support for WABs that are inside enterprise bundles.

This feature supports the following resources packaged inside a WAB:

  • Static web content and JSPs.

  • HTTP servlets written to the Servlet 3.0 specification.

  • Blueprint applications.

If you include the wab-1.0 feature, you also include the servlet-3.0 and blueprint-1.0 features.

For wab-1.0 feature configuration information, see OSGi Web Application Bundles.

Operations

Security

<feature>appSecurity-2.0</feature>

This version of the appSecurity feature provides only certain aspects of security, based explicitly on the presence of other features. Additionally, it does not automatically include the servlet-3.0 or ldapRegistry-3.0 features, thereby reducing the server footprint. To secure web applications, we must include the servlet-3.0 feature. To enable EJB security, we must include the ejbLite-3.1 feature. To support an LDAP user registry, we must include the ldapRegistry-3.0 feature.

  • The appSecurity-2.0 feature supersedes appSecurity-1.0. The features are the same except that appSecurity-2.0 does not automatically include servlet-3.0 or ldapRegistry-3.0. We can choose to use the appSecurity-2.0 version instead in the server configuration. See Superseded features.

    • To enable web security, we must specify the servlet-3.0 feature in server.xml.

    • To enable support for LDAP, we must specify the ldapRegistry-3.0 feature in server.xml.

The appSecurity-1.0 and appSecurity-2.0 features provide support for securing the server runtime environment and applications. The following aspects are supported:

  • Basic user registry

  • Lightweight Directory Access Protocol (LDAP) user registry

  • Basic authorization

  • Web application security

    • Basic authentication login

    • Form-login Form-logout

    • Programmatic APIs: getRemoteUser, getUserPrincipal, isUserInRole, authenticate, logout, and login.

  • EJB application security

    • All security annotations and all security elements that can be specified in the ejb-jar.xml file.

    • Programmatic APIs: getCallerPrincipal, isCallerInRole, and getCallerIdentity. The getCallerIdentity API is not supported for Singleton session beans.

    • EJB extension settings in the ibm-ejb-jar-ext.xml file for run-as-mode of CALLER_IDENTITY and SPECIFIED_IDENTITY (SYSTEM_IDENTITY is not supported).

When we add the appSecurity-1.0 or appSecurity-2.0 feature to the server, we must also configure a user registry, such as the basic user registry or the LDAP user registry.

See Secure the Liberty profile and its applications

For appSecurity-1.0 feature configuration information, see Application Security 1.0.

For appSecurity-2.0 feature configuration information, see Application Security 2.0.

OAuth

<feature>oauth-2.0</feature>

.The oauth-2.0 feature provides support for securing access to resources using the OAuth 2.0 protocol.

For oauth-2.0 feature configuration information, see OAuth.

OpenID

<feature>openid-2.0</feature>

This feature enables users to authenticate themselves to multiple entities without the need to manage multiple accounts or sets of credentials. The Liberty profile supports OpenID 2.0 and plays a role as a Relying Party in web single-sign-on. Accessing various entities like websites often requires a unique account that is associated with each entity. OpenID enables a single set of credentials that are handled by an OpenID Provider to grant access to any number of entities that support OpenID.

For openid-2.0 feature configuration information, see OpenID.

OpenID Connect Client

<feature>openidConnectClient-1.0</feature>

This feature enables web applications to integrate OpenID Connect Client 1.0 for authenticating users instead of, or in addition to, the configured user registry.

For openidConnectClient-1.0 feature configuration information, see OpenID Connect Client.

OpenID Connect Provider

<feature>openidConnectServer-1.0</feature>

This feature enables web applications to integrate OpenID Connect Server 1.0 for authenticating users instead of, or in addition to, the configured user registry.

For openidConnectServer-1.0 feature configuration information, see OpenID Connect Provider.

Cache Service

<feature>distributedMap-1.0</feature>

This feature provides a local cache service that can be accessed using the DistributedMap API. A default cache is bound in JNDI at services/cache/distributedmap. We can distribute a cache by adding a network cache provider such as WebSphere eXtreme Scale.

For distributedMap-1.0 feature configuration information, see Distributed Map interface for Dynamic Caching.

ldapRegistry-3.0

<feature>ldapRegistry-3.0</feature>

The ldapRegistry-3.0 feature provides support for LDAP user registry. The version 3.0 of the ldapRegistry-3.0 feature is compliant with the LDAP Version 3 specifications. The ldapRegistry-3.0 feature is not automatically enabled by the appSecurity-2.0 feature. Using this feature, we can federate multiple LDAP repositories. Two or more LDAP repositories can be configured in server.xml, and we can get the consolidated results from multiple repositories for all LDAP operations.

For ldapRegistry-3.0 feature configuration information, see LDAP User Registry.

Local JMX Connector

<feature>localConnector-1.0</feature>

The localConnector-1.0 feature provides a local JMX connector that is built into the JVM. The JMX connector can be used only on the same host machine by someone running under the same user ID and the same JDK. It enables local access by JMX clients such as jConsole, or other JMX clients that use the Attach API.

See Access local and JMX REST connectors .

For localConnector-1.0 feature configuration information, see JMX Local Connector.

Monitoring

<feature>monitor-1.0</feature>

The monitor-1.0 feature provides Performance Monitoring Infrastructure (PMI) support on the Liberty profile.

See Monitoring the Liberty profile.

For monitor-1.0 feature configuration information, see Performance Monitoring.

OSGi Console

<feature>osgiConsole-1.0</feature>

This feature enables an OSGi console to aid the debugging of the runtime environment. It can be used to display information about bundles, packages, and services. This information can be useful when developing our own features for product extensions.

For osgiConsole-1.0 feature configuration information, see OSGi Debug Console.

REST connector

<feature>restConnector-1.0</feature>

The restConnector-1.0 feature provides a secure JMX connector that can be used locally or remotely using any JDK. It enables remote access by JMX clients through a REST-based connector and requires SSL and basic user security configuration.

See Access local and JMX REST connectors and, for details on REST connectors, see Configure secure JMX connection to the Liberty profile.

For restConnector-1.0 feature configuration information, see JMX REST Connector.

Server status

<feature>serverStatus-1.0</feature>

The serverStatus-1.0 feature enables Liberty profile servers to automatically publish their status to WAS deployment managers and job managers that are aware of the server as a resource in their Job configuration. The known states are Started and Stopped.

See Submitting jobs to manage Liberty profile servers and Install Liberty profile server resources using the job manager.

For serverStatus-1.0 feature configuration information, see Job Manager Integration.

Session Persistence

<feature>sessionDatabase-1.0</feature>

The sessionDatabase-1.0 feature provides session affinity and failover support on the Liberty profile.

See Configure session persistence .

For sessionDatabase-1.0 feature configuration information, see Database Session Persistence.

SSL

<feature>ssl-1.0</feature>

The ssl-1.0 feature provides support for SSL connections. To use the secure HTTPS listener, we must enable this feature.The Liberty profile provides a dummy keystore and a dummy truststore, which are the same as those provided by previous versions of WAS. The secure HTTPS listener is not started unless the ssl-1.0 feature is enabled. If the feature is unavailable, the HTTPS listener is stopped. To specify the SSL certificates, add a pointer in server.xml; see Secure communications with the Liberty profile. To change the HTTPS port, set the <httpsPort> attribute of the <httpEndpoint> element in server.xml; see Specify Liberty profile bootstrap properties.

For ssl-1.0 feature configuration information, see Secure Socket Layer.

Timed Operations

<feature>timedOperations-1.0</feature>

This feature enables support for warnings to be logged when certain operations in the application server are running more slowly than expected.

For timedOperations-1.0 feature configuration information, see Timed Operations.

Dynamic caching service

<feature>webCache-1.0</feature>

This feature enables local caching for web responses. It includes the Cache Service (distributedMap) feature and performs automatic caching of web application responses to improve response times and throughput. To customize the response caching, we can include a cache-spec.xml file in the applications. We can distribute the cache by adding a network cache provider such as WebSphere eXtreme Scale.

For webCache-1.0 feature configuration information, see Web Response Cache.

Systems Management

Administrative Center

<feature>adminCenter-1.0</feature>

The adminCenter-1.0 feature is a web-based graphical interface for managing Liberty profile servers and applications and other resources from a web browser on a cell phone, tablet, or computer.

See Administer the Liberty profile using Admin Center

For adminCenter-1.0 feature configuration information, see Web Admin Center.

Cluster member

<feature>clusterMember-1.0</feature>

A member in a collective can add the clusterMember-1.0 feature and specify <clusterMember name="<clusterName>" />into its server configuration. The cluster name will be published to the controller, and this server will be part of the specified cluster.

Collective controller

<feature>collectiveController-1.0</feature>

The collectiveController-1.0 feature enables controller functionality for a management collective and includes a management repository MBean accessible using the JMX/REST connector provided by the restConnector-1.0 feature. The collective controller acts as a storage and collaboration mechanism to which collective members can connect. The collectiveController-1.0 feature includes a ServerCommandMbean that can be used to remote start or stop servers managed by the collective controller. The collectiveController-1.0 feature and its capabilities are available only in IBMWAS Liberty ND.

The feature is not available in IBM WAS Liberty, IBM WAS Liberty - Express, or IBM WAS Liberty Core.

Collective member

<feature>collectiveMember-1.0</feature>

The collectiveMember-1.0 feature enables a server to be a member of a management collective, allowing it to be managed by the collective controller.

See Set up collectives.

For collectiveMember-1.0 feature configuration information, see Collective Member.

Dynamic Routing

<feature>dynamicRouting-1.0</feature>

The Intelligent Management feature of the WebSphere plugin for Apache and IHS provides On Demand Router (ODR) capabilities for the plugin. This feature enables a server to run the dynamic routing service. The plugin can then connect to the ODR in order to dynamically route to all servers in the liberty collective.

Scaling Controller

<feature>scalingController-1.0</feature>

The scalingController-1.0 feature makes scaling decisions for Liberty. Multiple servers can run the Scaling Controller feature for high availability purposes. Only one server is actively making scaling decisions at any time. If that server is stopped, another server running the Scaling Controller feature can take over making scaling decisions.

Scaling Member

<feature>scalingMember-1.0</feature>

The scalingMember-1.0 feature can be added to the featureManagement element of the server.xml of servers that are collective members. This will enable auto clustering of the collective members and will allow the servers to dynamically start/stop based on criteria specified by the scaling policy. This feature works in conjunction with the scaling controller feature. The scaling controller feature should be enabled in the collective controllers that are part of the collective.

z/OS

z/OS Connect

<feature>zosConnect-1.0</feature>

The zosConnect-1.0 feature is service that encapsulates calling z/OS target applications using REST calls.

z/OS optimized local adapters

<feature>zosLocalAdapters-1.0</feature>

The zosLocalAdapters-1.0 feature enables high-performance calling between native-language applications on z/OS and business logic in a Liberty profile server environment.

z/OS security

<feature>zosSecurity-1.0</feature>

The zosSecurity-1.0 feature provides support on the z/OS platform for basic interactions with the SAF Registry, including authenticating users, and retrieving users, groups, or groups associated with users, from the SAF Registry.

z/OS transaction management

<feature>zosTransaction-1.0</feature>

Specify this feature enables the application server to synchronize and appropriately manage transactional activity between the Resource Recovery Services (RRS), the transaction manager of the application server, and the resource manager.

z/OS workload management

<feature>zosWlm-1.0</feature>

The zosWlm-1.0 feature provides access to z/OS native workload management (WLM) services.

Concepts: Feature restrictions.
Feature management
Server configuration
Deploy a JPA application to the Liberty profile
Add and remove Liberty features
JavaServer Faces Community
Java Servlet 3.0 specification
Java Persistence API (JPA) 2.0 specification
Java Server Pages (JSP) 2.2 specification
Bean Validation specification
Java API for RESTful Web Services ( JAX-RS) 1.0 specification
Java API for XML-based Web Services (JAX-WS) 2.2 specification
EJB 3.1 specification
Managed Beans 1.0 specification