Search Results

Issue How are strangers defined by Liferay? How can I control email notifications to strangers upon signup? Environment DXP 7.3+ Resolution The SAML property defining unknown users as strangers was introduced in DXP 7.3. (1) This property defines if users that do not exist already in the...

Issue When trying to access the site URL, the console displays the following exception, and the site is inaccessible. javax.net.ssl.SSLHandshakeException: Received fatal alert: handshakefailure javax.net.ssl.SSLHandshakeException: Received fatal alert: handshakefailure at...

Issue When using the burp suite tool to intercept traffic, the Liferay Auth token is visible in the Page Source, which could make the environment vulnerable in the user's view. Environment Liferay DXP 7.0+ Resolution This observed behavior is expected and poses no security risk. The...

Issue When configuring an OpenID Provider and trying to log in with an user, the callback to the portal shows an error message similar to the one below: Internal Server Error An error occurred while accessing the requested resource....

Issue Is Liferay creating a cookies site base? If so, where exactly on the Liferay server would all the cookies be physically kept?  Environment Liferay DXP 7.1 Liferay DXP 7.2 Liferay DXP 7.3 Liferay DXP 7.4 Resolution The majority of Liferay's cookies are of the "Persistent" type. As...

Issue Users who are not registered with the Liferay application are able to log in even though they have no connections. Environment Liferay DXP 7.0 to 7.4 Resolution Users log into Liferay DXP by using the Sign In widget, which uses the database to authenticate the user based on...

Issue In Liferay, a vulnerable version of Lodash 4.17.14 is being used. Environment Liferay DXP 7.0 Resolution The observed behavior is a known issue LPE-17236 and has already been fixed in the latest fix pack de-102-7010. Please raise a ticket including the latest patching-tool.info if...

Issue Is there any OOTB option to configure SAML for two sites on the same instance? Whether creating a new instance for a site would help to configure SAML? Environment Liferay DXP 7.2 Liferay DXP 7.3 Resolution Is there any OOTB option to configure SAML for two sites on the same...

Issue There is no error messages from api json services. How to manage the serialization and access to  Json services In Liferay Portal 6.2 or DXP7.0 the server response is serialized and shows information related with server errors but now their are empty. Environment Liferay DXP...

Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue We need to have some domains with custom certificates and others using provided Let's Encrypt certificates. Is it possible setting...

Issue SAML has abruptly stopped working, and no user can log in. The Liferay console contains the following errors: DEBUG [ajp-nio-172.1.129.26-8080-exec-351][BaseSignatureTrustEngine:200] Attempting to establish trust of KeyInfo-derived credential DEBUG...

Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Issue Does CVE-2022-34305 affect Liferay? Environment Liferay DXP 7.0+ solution...

Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue When navigating some incorrectly crafted URLs (ex.:...

Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Issue Error message is not displayed when an error occurs in JSONWS Do not...

Issue When sending emails, the error "unable to send message: 554 X.X.XXX SendAsDenied" occurs. Steps to reproduce: 1. Configure the outlook mail server to send email notifications in Liferay 2. Sometimes, the following errors occurred while sending emails. 2022-06-26 09:55:21.121 ERROR...

Issue The JSESSIONID cookie that comes with Liferay requests in the browser is not secure by default when inspected in the browser. Environment Liferay DXP 7.3 Resolution Set the JSESSIONID in web.xml to secure: <session-config> <cookie-config> <http-only>true</http-only>...

Issue When sending emails, the error "unable to send message: Could not connect to SMTP host: smtp.office365.com, port: 587" occurs. Steps to reproduce: 1. Configure the outlook mail server to send email notifications in Liferay 2. Sometimes, the following errors occurred while sending...

Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue CrowdStrike’s Falcon Overwatch has discovered a malicious framework that targets Microsoft  Exchange servers but it can also run...

Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue I would like to change my webserver login credentials. Environment Liferay PaaS Resolution By default, the webserver nginx.conf uses...

Issue You might encounter an issue where after the SSO setup, you start having problems with OAuth 2.0 and the call to /o/oauth2/token is failing with a "401 Unauthorized error". Also if you use Apache you might see the following: "POST /o/oauth2/token HTTP/1.1" 401 381 "-"...