Liferay’s philosophy is “secure by default.” That means a default installation’s configuration is secure right away. There are, however, many ways to tune security to fit your needs. These fall into several categories:
- Securing Web Services
- Single Sign-On
You can tune each of these categories to better match your organization’s design, rather than just sticking with the default. Here, you’ll configure a Liferay installation to match Delectable Bonsai’s needs.
First, you’ll configure how users log in to the system. Then you’ll tune the authentication verifiers configured by default. After that, you’ll enable multi-factor authentication.
Once you’ve configured authentication, you’ll move on to securing the web services. You’ll tune the service access policies that ship with the product, and you’ll enable cross-origin resource sharing (CORS) for images in Documents and Media.
After that, you’ll look at single sign-on and configure Security Assertion Markup Language (SAML) so users can use Liferay to sign in to multiple systems. Finally, you’ll configure app authorization with OAuth 2.
These topics give you a tour through many of Liferay’s security features. To learn more, be sure to review the security documentation on Liferay Learn.