Search Results

All Results 435
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Providing User Data in SAML AuthnResponse Packets
legacy How To
SAML communication occurs via request and response packets between an identity provider and a service provider. This article addresses how to provide user data within the response...
Performance Issue With LDAP Imports When Using Oracle Database
legacy Troubleshooting
This article is regarding a performance issue that may surface when executing an LDAP import using the UserGroup method for a large amount of users. Specifically, the issue is that the...
JSON Authentication for Custom Portlets
legacy Troubleshooting
Liferay will support our API and resolve any issues and answer any questions having to do with the API itself or any other part of Liferay's software. Issues and questions regarding custom development may be handled by...
Quick Start Guide to SAML on Liferay Portal 6.1 EE GA2
legacy How To
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. SAML (Security Assertion Markup Language) is...
List of Cookies That Are Affected at Liferay Login
legacy How To
In compliance to the European Union Cookie Directive, please see the following articles in reference to cookies that Liferay has set upon at login. Resolution How HTTP Cookies are...
Virtual LDAP Server Plugin Setup
legacy How To
The following article gives a basic use case for Liferay's Virtual LDAP Server Plugin. Liferay's EE Virtual LDAP plugin turns Liferay portal into a virtual LDAP server that can be accessed by external LDAP explorer...
User Cannot Log In to Sync Client When SAML SSO and OAuth Are Enabled
legacy Troubleshooting
This article documents a known issue where users cannot log in to the Sync Client if both SAML and OAuth are enabled. As a result, authentication fails with a blank screen on Sync client. Repeated warning messages will print...
Implementing NTLM Seamless Login
legacy How To
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. After successfully configuring Liferay...
How Password Policies are Applied in Liferay
legacy
This article describes several cases in which a user can receive a password policy. Resolution Here are several use-cases outlining how password policies are applied in Liferay Portal. Case 1 When a user and all...
LDAP Frequently Asked Questions
legacy
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. As many Liferay subscribers use...
Disabling the Authentication System and Delegating It to an LDAP Server
legacy How To
By default, the Liferay platform always uses its own authentication system that checks and validates the user password in its own database. Even if you enable LDAP settings and set it...
Spring Framework Security Vulnerabilities: CVE-2018-1270, CVE-2018-1271, CVE-2018-1272
legacy
QUESTION: How are Liferay Digital Enterprise 7.0 and Liferay Portal affected by the Spring Framework Vulnerabilities: CVE-2018-1270, CVE-2018-1271, and CVE-2018-1272? Resolution Impact to Liferay CVE-2018-1270: Liferay...
Defining Encryption Algorithms for Passwords Stored in the Database
legacy How To
By default, Liferay encrypts the passwords that go into the database. The default algorithm is SHA-1 in 6.0 and 6.1 versions, which changed to PBKDF2WithHmacSHA1/160/128000 in version...
Elasticsearch and Liferay Enterprise Search Security Advisory: CVE-2018-3831
legacy
CVE-2018-3831 reports that, "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings...
Apache Struts 2 Vulnerability: CVE-2017-9805 and CVE-2017-12611 - REST XStream FreeMarker
legacy
The following Common Vulnerabilities and Exposures (CVE) have been reported for Apache Struts 2: CVE-2017-9805 CVE-2017-12611 CVE-2018-1327 - REST XStream FreeMarker CVE-2018-11776 How are Liferay DXP (both 7.0 and...
Excluding User Groups Not Part of the BaseDN In LDAP Import
legacy How To
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. In older versions of Liferay Portal...
Open LDAP setup guide
legacy How To
Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these principles...
Java NPEs in the Console When Refreshing the CAPTCHA Image
legacy Troubleshooting
This article documents a known issue where refreshing the CAPTCHA image causes a Java NullPointerException (NPE) to be triggered. Please note that the CAPTCHA image will still be refreshed. Steps to Reproduce Start the...
JSESSIONID Changes as Part of Liferay Security
legacy
This article documents Liferay's position regarding the Session Identifier (JSESSIONID), including how and why a new JSESSIONID is generated.  Resolution Customers doing their own security scan of the Liferay platform...
WeDeploy Auth Admin Portlet in Liferay DXP 7.0 Fix Packs
legacy Troubleshooting
When deploying Liferay DXP 7.0 Fix Pack 24, 25, 26 or 27, the WeDeploy Auth Admin portlet will appear in the Control Panel. WeDeploy is currently a beta product. The addition of this portlet will have no impact or...
Receiving Mixed Mode Warning when ReCaptcha is enabled on site with HTTPS
legacy Troubleshooting
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. The...
False Security Issue in FCKEditor and Liferay 6.x Reported as CVE-2018-10795
legacy
Recently, a security vulnerability was filed in Mitre under CVE-2018-10795 reporting an issue in FCKEditor and Liferay Portal 6.x versions. Resolution Liferay disputed this issue because file upload is an expected...
Setting Up OpenAM With Liferay Portal 6 on Tomcat
legacy How To
Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these...
Making Liferay CAPTCHA Easier to Read in Liferay Portal 6.1
legacy How To
This article is intended for legacy versions of Liferay Portal CAPTCHA is an industry standard security measure that requires users to enter what they see a small window as part of the validation process when creating an...
Setting Up NTLM With Liferay
legacy How To
NTLM (NT Lan Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users. When Liferay Portal is successfully integrated with NTLM, Active Directory users...
Setting Up Liferay Portal with Active Directory Server
legacy How To
The details of this article may also be covered in Configuring Liferay's LDAP Settings to Import Users. This article provides a comprehensive walkthrough for integrating an Active Directory Server with Liferay...
Using Liferay Connector to OAuth 2.0 in Liferay DXP 7.1
legacy How To
What is OAuth? It is a utility that authorizes third party applications to interact with the Liferay platform. The OAuth example from our official documentation is worth repeating here; users can make Twitter or...
LSV-391: Security Advisory for Vulnerability With Pingback in Blogs
legacy How To
This advisory comes in response to the recent public announcement of a potential Server-Side Request Forgery (SSRF) vulnerability in Liferay Portal 7.0.4. The report talks about a perceived vulnerability for the...
Configuring Theme-Embedded Portlets After Deploying Security-Hotfix-11-6012
legacy How To
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable....
Avoiding Authentication Errors With IE8 and IE9
legacy Troubleshooting
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. When a session of Liferay times-out, an...
Applying Security Update 2012-05-25 requires Tunnel-web
legacy Troubleshooting
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. When...
SAML Comprehensive Quick Start Guide for Liferay Portal
legacy How To
This is a comprehensive article that documents the steps for how to set up SAML on Liferay Portal 6.2 EE. In addition, this article covers the different ways that SAML can be implemented and utilized. SAML (Security...
Using Liferay Connector to OAuth EE
legacy How To
What is OAuth? It is a utility that authorizes third party applications to interact with the Liferay platform. The example from our official documentation is worth repeating here; users can make Twitter or Facebook...
Using the Data Migration Tool in Liferay Portal
legacy How To
This article describes the two uses of the data migration tool in the system administration section of Liferay Portal. The Data Migration Tool is fully supported for Liferay Portal 6.2...
LDAP Import Rejects Users From Certain Domains
legacy Troubleshooting
This article explains why users from specific domains are not imported through LDAP due to the email address validator in the Liferay platform, and provides a solution to resolve this if a specific domain is required...
Configuring Liferay DXP as SP and OKTA as IdP
legacy How To
This article documents the basic steps users need to execute in order to set up their instance of Liferay DXP as SP, and OKTA as IdP. Resolution OKTA Configuration Log in to OKTA and navigate to Admin > Add Application...
ユーザー認証
Official Documentation
User Authentication The User Authentication settings define how Users can authenticate, the various authentication methods that are required for them, and the screen names and email addresses that...
LDAPディレクトリへの接続
Official Documentation
Connecting to an LDAP Directory Lightweight Directory Access Protocol (LDAP) servers are common user stores for Liferay DXP. You can configure LDAP at the system scope in System Settings or at the...
アカウントアドレスへのサブタイプの追加
Official Documentation
Adding Subtypes to Account Addresses Liferay DXP 2025.Q2+ In addition to billing and shipping address types, administrators can define and assign custom subtypes for account addresses. This...
プライバシー設定の管理
Official Documentation
Managing Privacy Settings You can ensure GDPR compliance for your cookies and collect administrator usage data (such as Control Panel and Product Menu interactions) using Liferay's configuration...