Capability

Security

Search Bar

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Category
  • Capability
  • Deployment Approach
  • Feature
  • Resource Type
Category
  • Capability
  • Deployment Approach
  • Feature
  • Resource Type
Managing Guest User Entries
Official Documentation
Managing Guest User Entries When you create an object and its application UI, unauthenticated users cannot add object entries, even if you add an object-backed application to a page and grant the...
Audit Framework
Official Documentation
Audit Framework Liferay's audit framework shows activities relating to users, user groups, organizations, roles, multi-factor authentication, and objects (definitions, fields, actions, layouts,...
System for Cross-domain Identity Management (SCIM)
Official Documentation
System for Cross-domain Identity Management (SCIM) Liferay DXP 2024.Q1+ System for Cross-domain Identity Management or SCIM, is an open standard that automates user provisioning. In other words,...
Account Addresses
Official Documentation
Account Addresses Available 7.4+ Account addresses are the billing or shipping addresses associated with Business or Person accounts. Adding an Account Address Open the Global Menu (Global...
Configuring User Import and Export
Official Documentation
Configuring User Import and Export The import/export settings configure mappings between LDAP and Liferay to match users between the two systems. Finding Users in Your LDAP Directory...
Using Authentication Verifiers
Official Documentation
Using Authentication Verifiers Authentication Verifiers authenticate remote invocations of Liferay Portal's API in a centralized and extensible way. They have two main responsibilities: Verify...
Setting Service Access Policies
Official Documentation
Setting Service Access Policies Service Access Policies define what services or service methods can be invoked remotely. You can apply many of them at once to produce a combined effect. They are...
Channel Defaults Permissions Reference
Official Documentation
Channel Defaults Permissions Reference Liferay DXP 7.4 U75+/GA75+ Setting channel defaults for an account ensures that addresses, shipping options, terms and conditions, and payment methods are...
Setting Up CORS
Official Documentation
Setting Up CORS CORS stands for Cross-Origin Resource Sharing. An Origin is a web server at a different domain, and a Resource is some asset stored on the server, like an image, PDF, or HTML file....
Using Workflow with Accounts
Official Documentation
Using Workflow with Accounts Liferay 7.4 U49+/GA49+ Accounts are fully integrated with Liferay's workflow engine, so you can enable an approval process for account creation. To enable a workflow...
Securing Web Services
Official Documentation
Securing Web Services Liferay DXP provides four security layers for web services: IP permission layer: The IP address from which a web service invocation request originates must be white-listed in...
Account Management Widget
Official Documentation
Account Management Widget Available 7.4+ Use Account Management widget to manage and access account information from any page. This provides access for those without permission to view the Control...
Configuring the Anonymous User
Official Documentation
Configuring the Anonymous User Internet users are increasingly and justifiably concerned about how their personal data is processed by the systems they use. Liferay is aware of the need for...
Managing User Data (GDPR)
Official Documentation
Managing User Data (GDPR) Liferay's User Associated Data (UAD) framework assists you in meeting two of the General Data Protection Regulation's (GDPR) technically challenging requirements: The...
Managing Third-Party Cookies
Official Documentation
Managing Third-Party Cookies Liferay DXP 2024.Q1+/Portal GA112+ Third-party cookies are generated by domains different from the one a user is currently visiting. These cookies are often used by...
Exporting User Data
Official Documentation
Exporting User Data One of the General Data Protection Regulation's (GDPR) tenets is that Users have a right to data portability. Data portability means that users have the right to receive their...
Organization Roles
Official Documentation
Organization Roles Liferay Organizations provide a convenient way to implement distributed User management. With them, you can use Organization-scoped Roles to assign standard permissions to all...
Organizations
Official Documentation
Organizations Organizations in Liferay can enable distributed user and site management that reflects real world organizational hierarchies. Organizations can nest to an unlimited number of...
Adding Users to Organizations
Official Documentation
Adding Users to Organizations With Liferay organizations, you can manage users and permissions to model your real-life organizational hierarchy, which can then be quickly implemented in...
Assigning Roles to User Segments
Official Documentation
Assigning Roles to User Segments Liferay DXP 7.2 SP2+, Liferay CE 7.3.1 GA2+ User segments are dynamically assigned user collections. If a segment can be well-defined with the available criteria,...
Creating and Managing Organizations
Official Documentation
Creating and Managing Organizations If you're not sure what Organizations are or whether you need them, start here. Adding Organizations Click Users and Organizations from Control Panel → Users....
Creating and Managing Roles
Official Documentation
Creating and Managing Roles Once you understand roles and permissions, you can create the roles and empower your users to work within your Liferay DXP solution. Create and manage roles in Control...
Assigning Users to Roles
Official Documentation
Assigning Users to Roles The location of a role's assignment UI corresponds with the Role's scope. Regular Roles Globally scoped regular roles are available for configuration in the DXP Control...
Sanitizing User Data
Official Documentation
Sanitizing User Data One of the technically challenging requirements of the General Data Protection Regulation (GDPR) is the right to be forgotten. The purpose here is not to go into the details of...
Adding a New Organization Type
Official Documentation
Adding a New Organization Type By default, Liferay DXP only includes the Organization type. You can configure the existing type or add additional types in System Settings → Users → Organization...
Organization Sites
Official Documentation
Organization Sites Liferay Organizations enable distributed User management, providing a convenient way to organize and manage instance users and roles to reflect your organizational hierarchy....
Default Roles Reference
Official Documentation
Default Roles Reference All roles available in a Liferay DXP installation can be viewed in the Roles administrative application, organized by scope. Navigate there using Control Panel → Users →...
Defining Role Permissions
Official Documentation
Defining Role Permissions Roles collect permissions, so when users are given a role, they inherit all its permissions. If you create a role with permission to access something in the Control...
Creating and Managing User Groups
Official Documentation
Creating and Managing User Groups A user group is a list of users created for a specific purpose. User groups can be created across the hierarchical boundaries of organizations. For example, an...
Understanding Roles and Permissions
Official Documentation
Understanding Roles and Permissions To give users the necessary permissions to perform their intended function within Liferay DXP, you must first associate the set of permissions with a role. ...
Managing Site Membership and Permissions with User Groups
Official Documentation
Managing Site Membership and Permissions with User Groups You can use user groups to manage site membership, roles, and permissions. Managing Site Membership with User Groups One of the primary...
Service Accounts
Official Documentation
Service Accounts A service account is a common abstraction in systems used to make authenticated API requests on behalf of the system. Every virtual instance in Liferay comes with one service...
Users
Official Documentation
Users Every person who accesses a Liferay site is considered a user. Unauthenticated users are considered Guest users. Liferay ships out-of-the-box with a default admin user who has complete...
Updating User Profile Pictures for Liferay 7.3 and Earlier Versions
Official Documentation
Updating User Profile Pictures for Liferay 7.3 and Earlier Versions Users have profile pictures. Administrative Users can upload images in the Edit User form, and Users can update their own account...
Security Settings
Official Documentation
Security Settings Enabling Antivirus Scanning for Uploaded Files More coming soon!
Accounts
Official Documentation
Accounts Available 7.4+ Accounts provide administrators with a way to organize and manage users for various commerce or business needs. Unlike organizations or user groups, accounts help...
Users and Permissions
Official Documentation
Users and Permissions Liferay comes with a comprehensive framework to manage user access and roles within Liferay. To support complex organizational needs, there are several entities within the...
Setting Channel Defaults
Official Documentation
Setting Channel Defaults Liferay 7.4 U49+/GA49+ Users with the necessary account management permissions can set channel defaults for business accounts. Open the Global Menu ( Global Menu ) and...
Channel Defaults
Official Documentation
Channel Defaults Available Liferay 7.4 U49+/GA49+ After creating a business account, set channel defaults to streamline ordering and tailor Commerce behavior for specific accounts. Channel...
Contacts
Official Documentation
Contacts Liferay DXP 2024.Q2+/Portal GA120+ Using the new Contact tab on an account, you can add contact details related to the account: Addresses Phone Numbers Email Addresses Websites ...