Capability

Security

Search Bar

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Category
  • Capability
  • Deployment Approach
  • Feature
  • Resource Type
Category
  • Capability
  • Deployment Approach
  • Feature
  • Resource Type
Managing Guest User Entries
Official Documentation
Managing Guest User Entries When you create an object and its application UI, unauthenticated users cannot add object entries, even if you add an object-backed application to a page and grant the...
Searching and Exporting Audit Events
Official Documentation
Searching and Exporting Audit Events The audit application comes with simple and advanced searching capabilities. To use the simple search, you can enter a search term and click the magnifying...
Configuring Liferay
Official Documentation
Configuring Liferay Liferay is a very adaptable tool. You can modify and configure it to suit the needs of your application.
Audit Framework
Official Documentation
Audit Framework Subscription Liferay's audit framework shows activities relating to users, user groups, organizations, roles, multi-factor authentication, and objects (definitions, fields,...
Audit Configuration Reference
Official Documentation
Audit Configuration Reference Configuration settings for audits are available at a system scope. You can find these settings by opening the Global Menu (Global Menu) and navigating to Control Panel...
Security Settings
Official Documentation
Security Settings Enabling Antivirus Scanning for Uploaded Files More coming soon!
User Authentication
Official Documentation
User Authentication The User Authentication settings define how Users can authenticate, the various authentication methods that are required for them, and the screen names and email addresses that...
Securing Web Services
Official Documentation
Securing Web Services Liferay DXP provides four security layers for web services: IP permission layer: The IP address from which a web service invocation request originates must be white-listed in...
Configuring Content Security Policy Headers
Official Documentation
Configuring Content Security Policy Headers Modern browsers use Content Security Policy HTTP response headers to enhance web pages' security to mitigate certain types of attacks (like Cross-Site...
System for Cross-domain Identity Management (SCIM)
Official Documentation
System for Cross-domain Identity Management (SCIM) Subscription Liferay DXP 2024.Q1+ System for Cross-domain Identity Management or SCIM, is an open standard that automates user provisioning. In...
Users and Permissions
Official Documentation
Users and Permissions Liferay comes with a comprehensive framework to manage user access and roles within Liferay. To support complex organizational needs, there are several entities within the...
Account Addresses
Official Documentation
Account Addresses Available 7.4+ Account addresses are the billing or shipping addresses associated with Business or Person accounts. Adding an Account Address Open the Global Menu (Global...
Account Management Widget
Official Documentation
Account Management Widget Available 7.4+ Use Account Management widget to manage and access account information from any page. This provides access for those without permission to view the Control...
Using Authentication Verifiers
Official Documentation
Using Authentication Verifiers Authentication Verifiers authenticate remote invocations of Liferay Portal's API in a centralized and extensible way. They have two main responsibilities: Verify...
Setting Up CORS
Official Documentation
Setting Up CORS CORS stands for Cross-Origin Resource Sharing. An Origin is a web server at a different domain, and a Resource is some asset stored on the server, like an image, PDF, or HTML file....
Accounts
Official Documentation
Accounts Available 7.4+ Accounts provide administrators with a way to organize and manage users for various commerce or business needs. Unlike organizations or user groups, accounts help...
Account Groups
Official Documentation
Account Groups Available 7.4+ Use Account Groups to organize related accounts. For example, group accounts by region (Americas, Asia Pacific, Europe, etc.). Creating an Account Group Open the...
Account Roles
Official Documentation
Account Roles Available 7.4+ Create different account roles with specific permissions and assign them to account users to manage access to accounts. There are two types of account roles: ...
Account Users
Official Documentation
Account Users For Liferay 7.4 U55+/GA55+ Once you've created an account, you can associate existing users with it manually. Alternatively, you can create and associate users with an account...
Channel Defaults
Official Documentation
Channel Defaults Available Liferay 7.4 U49+/GA49+ After creating a business account, set channel defaults to streamline ordering and tailor Commerce behavior for specific accounts. Channel...
Channel Defaults Permissions Reference
Official Documentation
Channel Defaults Permissions Reference Liferay DXP 7.4 U75+/GA75+ Setting channel defaults for an account ensures that addresses, shipping options, terms and conditions, and payment methods are...
Adding Subtypes to Account Addresses
Official Documentation
Adding Subtypes to Account Addresses Liferay DXP 2025.Q2+ In addition to billing and shipping address types, administrators can define and assign custom subtypes for account addresses. This...
Contacts
Official Documentation
Contacts Liferay DXP 2024.Q2+/Portal GA120+ Using the new Contact tab on an account, you can add contact details related to the account: Addresses Phone Numbers Email Addresses Websites ...
Using Workflow with Accounts
Official Documentation
Using Workflow with Accounts Liferay 7.4 U49+/GA49+ Accounts are fully integrated with Liferay's workflow engine, so you can enable an approval process for account creation. To enable a workflow...
Setting Channel Defaults
Official Documentation
Setting Channel Defaults Liferay 7.4 U49+/GA49+ Users with the necessary account management permissions can set channel defaults for business accounts. Open the Global Menu ( Global Menu ) and...
Connecting to a User Directory
Official Documentation
Connecting to a User Directory LDAP (Lightweight Directory Access Protocol) is a common user store for Liferay DXP. You can import user information from an LDAP server into Liferay or export...
Managing User Data (GDPR)
Official Documentation
Managing User Data (GDPR) Liferay's User Associated Data (UAD) framework assists you in meeting two of the General Data Protection Regulation's (GDPR) technically challenging requirements: The...
Exporting User Data
Official Documentation
Exporting User Data One of the General Data Protection Regulation's (GDPR) tenets is that Users have a right to data portability. Data portability means that users have the right to receive their...
Consent Management Platform (CMP) Integration
Official Documentation
Consent Management Platform (CMP) Integration
Configuring the Anonymous User
Official Documentation
Configuring the Anonymous User Internet users are increasingly and justifiably concerned about how their personal data is processed by the systems they use. Liferay is aware of the need for...
Managing Privacy Settings
Official Documentation
Managing Privacy Settings You can ensure GDPR compliance for your cookies using Liferay's configuration interface. This ensures privacy compliance while providing insights into system usage. You...
Managing Third-Party Cookies
Official Documentation
Managing Third-Party Cookies Liferay DXP 2024.Q1+/Portal GA112+ Third-party cookies are generated by domains different from the one a user is currently visiting. These cookies are often used by...
Sanitizing User Data
Official Documentation
Sanitizing User Data One of the technically challenging requirements of the General Data Protection Regulation (GDPR) is the right to be forgotten. The purpose here is not to go into the details of...
Organizations
Official Documentation
Organizations Organizations in Liferay can enable distributed user and site management that reflects real world organizational hierarchies. Organizations can nest to an unlimited number of...
Creating and Managing Organizations
Official Documentation
Creating and Managing Organizations If you're not sure what Organizations are or whether you need them, start here. Adding Organizations Click Users and Organizations from Control Panel → Users....
Adding Users to Organizations
Official Documentation
Adding Users to Organizations With Liferay organizations, you can manage users and permissions to model your real-life organizational hierarchy, which can then be quickly implemented in...
Organization Sites
Official Documentation
Organization Sites Liferay Organizations enable distributed User management, providing a convenient way to organize and manage instance users and roles to reflect your organizational hierarchy....
Assigning Roles to User Segments
Official Documentation
Assigning Roles to User Segments Liferay DXP 7.2 SP2+, Liferay CE 7.3.1 GA2+ User segments are dynamically assigned user collections. If a segment can be well-defined with the available criteria,...
Configuring a Password Policy
Official Documentation
Configuring a Password Policy Password policies enhance the security of your installation. You can use the default policy that ships with Liferay (modified or as is), or you can create your own...
Defining Role Permissions
Official Documentation
Defining Role Permissions Roles collect permissions, so when users are given a role, they inherit all its permissions. If you create a role with permission to access something in the Control...