Search Results

All Results 437
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
How to Configure Liferay DXP with Multiple IdPs (OKTA via SAML and OIDC)
legacy How To
This article documents the way to configure Liferay DXP 7.x as a Service Provider working with two SSO protocols (Okta using SAML 2.0 and Google OpenID Connect). The basic configuration can be achieved within Liferay out of the box, but extra custom code is required to make it fully...
How to kill the session on browser (tab or window) close?
legacy Troubleshooting
Issue The user session should be terminated immediately if they close the browser tab or window. Environment DXP 7.0 + Resolution Liferay maintains the session of 30 minutes by default and Liferay doesn't provide any such kind of OOTB feature or property to fulfill the business-specific...
Reset Connection option is missing on the License page in DXP 7.3
legacy Troubleshooting
Issue The reset connection option is missing on the License page in DXP 7.3 which is available on the previous releases. Environment Liferay DXP 7.3 GA1 Resolution This is a known limitation of the product that might be resolved in future versions of the Liferay. In order to resolve the...
Disable password verification for SSO users
legacy How To
Issue When changing the screen name or email address of a user, the portal now requires a password verification. This was not a requirement for previous versions of Liferay. Environment DXP 7.3+ Resolution This is a change implemented under LPS-112726 to address security concerns....
I cannot create new Virtual Instance with error Screen name must not be null
legacy Troubleshooting
Issue When I try to create a new Virtual Instance, the portal displays the error "Your request failed to complete". The portal log shows the following error: ERROR [default task-29][EditInstanceMVCActionCommand:121]...
Importing LDAP settings through osgi/config files does not import password
legacy
Issue LDAP settings can be imported into the Liferay environment using osgi/config files These settings are imported into System Settings, and can then be configured for an individual instance in Instance Settings When adding a LDAP server in Instance Settings, the password field is not...
Content-Security-Policy Header Integration
legacy
Issue How can a CSP (content security policy) HTTP header that enables only specific external resources to be loaded in the frontend be implemented? Environment Liferay DXP 7.2 Resolution CSP is not currently supported by Liferay at the product level. Liferay DXP and its predecessor,...
HTTP Strict Transport Security (HSTS) Header Not Used
legacy How To
Issue The HSTS header cannot completely defend against man-in-the-middle attacks. However, it can be useful in defending against an attack in which an attacker establishes an encrypted connection to the application and presents an unencrypted fraudulent service to the user. This is...
Verbose Error Messages
legacy How To
Issue The name of the technologies used, such as Apache Coyote, Tomcat, etc. are visible. Environment Liferay DXP 7.2, DXP 7.3 Resolution  Each application is responsible for allowing its information to be displayed but not Liferay. We can definitely restrict the Verbose related to...
Known Vulnerabilities with Liferay AntiSamy
legacy Troubleshooting
The following issue may compromise the security of your Liferay Digital Experience Platform implementation.  Vulnerability Information The Liferay AntiSamy app depends on third party libraries that have known vulnerabilities. Affected Products Liferay AntiSamy 2.0.x (for Liferay Portal...
Avoid or allow that some applications can be dynamically displayed in a page
legacy How To
Issue The permissions system for an application (portlet) includes a security check when the application is going to be displayed in a page. Normally, the users should not be able to see applications if the administrator did not configured/added previously to that page. It is feasible to...
Replacing NTLM SSO with Kerberos in Liferay Portal 6.2
legacy How To
Issue NTLM SSO protocol has some vulnerabilities addressed by Microsoft in CVE-2020-1472 (external link), forcing to use the secure RPC connection. See also How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (external link). It's not possible...
Unable to upload file bigger than 10MB with ClamAVSizeLimitException after enabling Antivirus
legacy Troubleshooting
Issue Unable to upload a file bigger than 10MB after enabling antivirus with the following error in the log 2021-07-19 08:35:43.476 ERROR [http-nio-8080-exec-9][PortletServlet:119] javax.portlet.PortletException: fi.solita.clamav.ClamAVSizeLimitException: Clamd size limit exceeded. Full...
Known Vulnerabilities with Liferay Fjord Theme and 1975 London Theme
legacy Troubleshooting
The following issue may compromise the security of your Liferay Digital Experience Platform implementation.  Vulnerability Information The Liferay Fjord Theme and Liferay 1975 London Theme depend on third party libraries that have known vulnerabilities. These vulnerabilities affect the...
How can we get a complete picture of a user's activity history?
legacy How To
Issue Is there a way to find out how and by whom a user was created? Environment Liferay DXP 7.2 Resolution The steps below can be used to track user activity. Log in by 'Test' user (Admin User) Create a new user (Name: user1 u1, Screen Name: user1) and assign Administrator Role to it....
How to set up a Mail Server with DXP to receive email notifications?
legacy How To
Issue This article outlines how to set up a Mail Server and SMTP in Liferay DXP to receive emails. Environment Liferay DXP 7.3 Resolution Liferay DXP uses a mail server and SMTP to get email notifications. Liferay DXP’s built-in mail session is the easiest way to configure mail and it’s...
NTLM and NTLMv2 in Liferay Portal 6.2
legacy
Issue The question is whether Liferay Portal 6.2 supports NTLM and NTLMv2 Environment Liferay Portal 6.2 Resolution The library used in Liferay Portal 6.2 supports both NTLM and NTLMv2 There is a property that can be set in portal-ext.properties to control the LMCompatibility in the...
Session Management in Liferay
legacy
Issue How the sessions are managed in Liferay and what are all the different types to configure the same. Also, whether the Liferay session work for the javascript disabled browsers? Environment Liferay DXP 7.1 Resolution How sessions are managed in Liferay Application server will manage...
Is functionality impacted when upgrading to Bootstrap 5 in portal 6.2 ? Is it supported ?
legacy
Issue Requirement is to upgrade the Bootstrap library.  Is functionality impacted when upgrading to Bootstrap 5 in portal 6.2 ?  Is Liferay portal 6.2 compatible with Bootstrap 5? Is it supported ? Environment Liferay portal 6.2 Resolution Note: Please choose to follow unofficial...
Forgot Password is not popped up with an error when providing an email address that doesn't exist in the DB
legacy
Issue In the 'Forgot Password' option, while trying to provide an email id that doesn't exist in the database, the user can proceed to answer the security question. Whereas an error is not popped up saying the user's email address does not exist. Also, in this case, the security question...
Is there a way to allow upper cases in a screen name?
legacy
Issue Is there any way to ensure that a user's screen name maintains the same capitalization that is present in the AD (Active Directory) when the user is imported into Liferay? Environment Liferay DXP 7.2 Resolution In DXP, there is no out-of-the-box functionality to support capital...
Any user who has not securely logged out will have their session terminated?
legacy
Issue Terminating the session of any user who has not properly logged out, for example, who has unexpectedly closed the transaction window, etc. This user does not have to wait for the default time-out to be established before being able to log in again Environment Liferay 6.2 Resolution...
Password verification needed at time of changing user screen name & email address
legacy
Issue Password verification is required whenever a user needs to update its screen name or email address Environment Liferay DXP 7.3 Resolution A feature request has been already created in order to add a toggle for enabling & disabling this password verification feature. Although the...
When Setting Okta up as an SSO for Liferay PaaS, how can I generate IdP metadata in Okta without first having SP metadata?
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue The documentation for setting up an SSO with Liferay PaaS instructs clients to provide IdP metadata to the Liferay Cloud team before...
Does the Encryption Key that is generated per company id for the Liferay Installation ever change?
legacy
Issue Does the Encryption Key that is generated per company id for the Liferay Installation ever change? Environment Liferay 7.2 Resolution The following portal properties will alter the encryption key for a Liferay installation: # # Set this to the appropriate encryption algorithm to be...
How to create Custom attribute in MS Active Directory and configure in Liferay
legacy How To
Issue Is there any way to map a custom attribute in Liferay created from MS Active Directory? Environment Liferay Portal 6.2 Resolution Liferay provides an OOTB option to achieve the custom attribute mapping. # # When importing and exporting users, the portal will use this mapping to #...
Externalize Session Management
legacy
Issue  The session details should be stored in a centralized server so that it is shared with all the available nodes. Environment Liferay Portal 6.2 Resolution This is a specific business requirement that falls beyond the scope of Liferay support as this is something which is related to...
Disable Admin password reset email notifications
legacy
Issue The user should not receive the email notification for the password change. Environment Liferay DXP 7.0 Resolution The requirement is not available out of the box in Liferay. If you want to achieve this functionality, you can achieve it through customization.  Additional...
How to configure liferay to invoke web services with Digest Auth
legacy How To
Issue How to configure Liferay to invoke web services with Digest Auth and use it in a client. As example we'll use POSTMAN Environment Liferay DXP 7.1+ Resolution As example, we are going to configure the access to http://localhost:8080/api/jsonws/company/get-companies method in...
OpenID Connect does not work with Azure AD B2C
legacy Troubleshooting
Please note that this Fast Track applies to versions before our Quarterly Release 2024.Q1. From Quarterly Release 2024.Q1 on, this function is enabled as described in LPD-9397. Please refer to Using OpenID Connect for more information. Issue OpenId Connect (OIDC) authentication does not...
How do I add Captcha in Sign in Portlet?
legacy
Issue I would like to add Captcha in Sign in Portlet, as I can do in Create Account and Forgot Password options. Environment DXP 7.3 Resolution Unfortunately, there is no out-of-the-box feature to enable Captcha validation in the Sign in Portlet in the current version of Liferay....
How to Setup HTTPS on Tomcat for Liferay Portal 6.2 and DXP 7.0
legacy How To
Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these principles is the responsibility of the subscriber. This article will...
Post deployment of SAML plugin the SAML Admin page is blank
legacy Troubleshooting
Issue After deploying the SAML plugin in the Liferay instance, the SAML admin page displayed blank. Below Stack trace occurs in the log at the time of performing the above actions. 2021-03-23 19:14:22.610 WARN [ajp-nio-8009-exec-5][PortalImpl:1030] Redirect...
Restrict guest users from accessing login page when attempting to access a protected page or resource
legacy How To
Issue By default, guest users are prompted to the login page when they are attempting to hit a url or access a resource that is protected and not available to guest users. I do not want guest users to be redirected to the login page.  Environment Liferay Portal  Liferay DXP Resolution...
What difference is there between System Setting and Instance Setting LDAP configurations?
legacy
Issue There are two locations within Liferay DXP where LDAP configurations can be set. One is the System Settings (Control Panel -> Configuration -> System Settings -> Security -> LDAP) and the other the Instance Settings (Control Panel -> Configuration -> Instance Settings -> Security...
How do I Add More Than One Field To the Custom Mapping Sections in My 7.0 LDAP Setup?
legacy How To
Issue I would like to add multiple fields to the custom mappings section in my LDAP setup. Environment DXP 7.0 Resolution During LDAP setup, navigate to Control Panel > Configuration > Instance Settings, in the Configuration tab scroll down to Authentication > LDAP and select the Add...
New Virtual Instance cannot be created if "passwords.default.policy.check.syntax=" is set to true
legacy Troubleshooting
Issue If I set passwords.default.policy.check.syntax=true in my portal-ext.properties file, I cannot create a New Virtual Instance I get an error in the logs: ERROR [ajp-nio-127.0.0.1-8009-exec-34][EditInstanceMVCActionCommand:121]...
Users without Admin role cannot initiate SSO on the SP when using expando fields
legacy Troubleshooting
Issue When using expando field as "Name Identifier Attribute Name=expando:concurid", user without Administrator role can not initiate SSO. Steps to reproduce: On IdP end Add a custom field 'field1' for user.  Go to SAML Admin > Service Provider Connections, make sure the "Name Identifier...
How to resolve "User 'x' must have 'y' permission" errors encountered while performing staging publication processes
legacy Troubleshooting
Issue Our team would like our staging managers to not be administrators, so we are only providing them with select permissions. However, publication attempts encounter errors such as:  ERROR [liferay/background_task-1][EventRemotePropagatorExportImportLifecycleListener:222] Unable to...
Sensitive Information disclosed via Application Status 400 Error
legacy Troubleshooting
Issue Application Server errors at times may identify software, software versioning and hint at how user input is processed. This sample trace to demonstrate was triggered by having invalid characters (namely a set of square brackets '[ ]' ) in a given URL. Tomcat considers the address...
Commerce modules fail to deploy due following license expiration
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue There has been a documented case where Commerce modules fail to deploy following license expiration and redeployment WARN...
After performing a security configuration, our users can no longer add Categories in Web Content
legacy
Issue After applying the workaround indicated in this Security Advisory LSV-545: Unauthenticated Remote code execution via JSONWS (CVE-2020-7961), every client-side web service call to the JSONWS-API is failing: json.web.service.enabled=false This does not allow users to set Tags,...
Disable Email Verification in DXP 7.3
legacy How To
Issue In DXP 7.3, new users have to verify their email address in their initial login. I want to disable this verification requirement. Environment DXP 7.3   Resolution In DXP 7.3, the default value for company.security.strangers.verify= has been changed to true. Set it back to...
Got the error "saml-hook.war does not support this version of Liferay" after deploying the Liferay Connector to SAML 2.0 lpkg
legacy Troubleshooting
Issue Got the error saml-hook.war does not support this version of Liferay in log after deploying the SAML 2.0 lpkg (version 6.0.0) on DXP 7.1 fix pack dxp-18 Environment Liferay DXP 7.1 Resolution The root cause for this error is that the incorrect SAML 2.0 lpkg version was deployed. To...
SAML Authentication Issue: Message context was not authenticated
legacy Troubleshooting
Issue After enabling the SAML, when the user is trying to log in, authentication failed with the following message. ERROR [http-nio-8080-exec-36][BaseSamlStrutsAction:59] org.opensaml.messaging.handler.MessageHandlerException: Message context was not authenticated Caused by:...
DNSName components must begin with a letter error while starting LDAP server in Apache DS
legacy Troubleshooting
Issue During the configuration of Apache DS I encountered an issue that resulted in an IOException that interfered with starting the LDAP server: ERROR [org.apache.directory.server.wrapper.ApacheDsTanukiWrapper] - Failed to start the service....
Landing page redirection is not working after SAML configuration
legacy Troubleshooting
Issue Once the SAML is configured the Landing Page redirection is not redirecting to the desired page. Environment Liferay DXP 7.1 Resolution The pre and post-login actions (like DefaultLandingPage actions) are not compatible with AutoLogin solutions (like SAML). These pre and post-login...
How to resolve a "Failed to define class from Service Module Loader" error
legacy Troubleshooting
Issue Upon installation of security-hotfix-lsv-45 in Liferay Portal bundled with JBoss, a "Failed to define class" error is generated in the Liferay logs. Failed to define class com.liferay.portal.security.xml.SecureXMLFactoryProviderImpl in Module "deployment.ROOT.war:main" from Service...
Couldn't retrieve remote JWK set: Server returned HTTP response code: 401 error occurs when using OpenID Connect authentication with Oracle Identity Cloud Service
legacy Troubleshooting
Environment Liferay DXP 7.0-7.3 Oracle Identity Cloud Service OpenID Connect authentication enabled Symptom When OpenID Connect authentication is enabled in Liferay DXP and Oracle Identity Cloud Service (IDCS) is the configured provider, the following error may occur and users are not...
HTTP 400 response code shows sensitive data
legacy Troubleshooting
Issue Sensitive system information may be seen in HTTP 400 - Bad Response status Environment DXP 7.0   DXP 7.1   DXP 7.2 Resolution The HyperText Transfer Protocol (HTTP) 400 Bad Request response status code indicates that the server cannot or will not process the request due to...
LDAP Performance Issues after upgrading from 6.2 to 7.2
legacy Troubleshooting
Issue Seeing some slowness authenticating with LDAP after upgrading from 6.2 to 7.2. Environment DXP 7.2 [Upgraded from 6.2] Resolution Install Fix Pack 9 or a hotfix that includes LPS-122832 and run the upgrade process again. LPS-122832 reports and fixes the behavior that several...
How to prevent user enumeration attacks through the Forgot Password functionality
legacy How To
Issue Insecure default configuration may allow remote attackers to enumerate users' email addresses via the forgot password functionality. This can be a risk in the case of public-facing deployments. Environment Liferay DXP 6.2 EE Liferay DXP 7.0-7.2 Resolution It is recommended to set...
SAML changes post upgrade from DXP 7.0 to higher version
legacy How To
Issue SAML authentication is being used in DXP 7.0. After upgrading the DXP 7.0 to any higher version, how to configure SAML in the upgraded environment? Environment Liferay DXP 7.1 Liferay DXP 7.2 Resolution Post upgrade, the respective SAML tables will be carried from source version to...
Session Timeout value is overridden during fix pack upgrade
legacy How To
Issue During installation of a fix pack, the value of <session-timeout> is reset to default within web.xml. Is the value of session timeout can be changed 'permanently'? Environment DXP 7.2 Resolution Currently, there is no out-of-the-box option to achieve this on DXP - the web.xml is...
Add custom certificate in SAML configuration
legacy How To
Issue As part of the SAML configuration, it is possible to generate a Certificate and a Private Key. This generates both a self-signed key and a container storekey (in $LIFERAY_HOME/data/keystore.jks by default). How to use a different key instead of the default one? Environment Liferay...
SAML no longer working after upgrading Liferay
legacy Troubleshooting
Issue After upgrading Liferay from Liferay DXP 7.0 to Liferay DXP 7.2, SAML is no longer working and users are no longer able to authenticate using SAML. It is possible that the following error will also appear in the logs in the Identity Provider as well as the Service Provider,...
Denied resolving class [...] error is shown in custom FreeMarker/Velocity templates (LSV-658)
legacy Troubleshooting
Issue Custom FreeMarker and Velocity templates generate the following error after installing a fix pack: Denied resolving class [...] by org.apache Environment Liferay DXP 7.0 FP92+ Liferay DXP 7.1 FP18+/SP5+ Liferay DXP 7.2 FP6+/SP2+ Resolution The behavior originates from an...
Why p_p_auth token is exposed in the URL? Could it be a security risk?
legacy
Issue On Liferay Portal 6.2, p_p_auth token is exposed in the URL. It might be considered as a security risk. Environment Liferay Portal 6.2 Resolution No attacker or other user can use p_p_auth token, only a legitimate user is able to apply it. Therefore, leaking the token has no value...
SAML logout when session expires
legacy
Issue The Single sign-on and Single log out are working fine when the user manually logs out but there is no Single logout happening on the portal session expiry Environment Liferay 7.0 as IdP Resolution  Service Providers (SP) only receive a maximum validity date contained in the SAML...
How to configure validation directives in AntiSamy
legacy Troubleshooting
Issue When trying to import content between sites, i.e. knowledge base, a validation error arises: An unexpected error occurred with the publication process. Please check your portal and publishing configuration. com.liferay.portal.kernel.exception.SystemException:...

該当件数: 628 件中 361 - 420