Capability

Security

検索バー

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Configuring OAuth2 for Message Board Mailing Lists
legacy How To
Issue Basic authentication for emails is no longer available for Gmail, can we use OAuth2 connection with them? Google Workspace has announced that third-party apps that use only a password to access Google...
Publication to live fails with an error like "Portlet export failed for portlet com_liferay_exportimport_web_portlet_ChangesetPortlet com.liferay.exportimport.kernel.lar.PortletDataException: No Layout exists with the primary key xxxxx"
legacy Troubleshooting
Issue Publication to live fails with an error like: 2025-04-24 13:42:15.663 ERROR [liferay/background_task-8][LoggerExportImportLifecycleListener:226] Portlet export failed for portlet...
Liferay Dropdown Functionality isn't working properly
legacy Troubleshooting
Issue We've discovered an undesirable behavior when using the Liferay drop-down menu.  Steps to reproduce:  Content Page > Edit > Insert a "HTML" fragment and double click on the fragment Attach the following html...
Can't to edit files in Google Drive or Office 365 in non-production publications
legacy Troubleshooting
Issue When I try to edit a document through Google Drive or Office 365 in a non-production publication, I see a notification in the UI that says "Error: This action can only be performed in production mode."...
Unable to Publish Web Content with Error "RangeError: Invalid time zone specified"
legacy Troubleshooting
Issue After upgrading to 2025.Q1.5, any user with the time zone (UTC +10:00) Australian Eastern Standard Time is unable to publish Web Content.  After clicking Publish with Permissions, the user remains on the...
How to Connect Documents and Media to a Local File System Using a WebDAV URL
legacy How To
Issue Steps to connect the WebDAV URL with your local machine's file system. Environment DXP 7.4 and above DXP 2023.Q4.0 and above Resolution For Fedora and Linux Machines (Before 2023.Q4.0): Navigate to Documents...
AntiSamyモジュールを無効化しても、Webコンテンツにタグを貼り付けた際、属性が自動的に削除される
legacy Troubleshooting
問題 Webコンテンツを編集時に、 タグを貼り付けると、タグの属性が自動的に削除されてしまいます。 一例として、 <p oncontextmenu="return false;">Test</p> をペーストすると、 <p>Test</p> に自動的に変更されます。 Webコンテンツの入力のサニタイズは、AntiSamyモジュールにより行われているのは既知だが、...
Intermittent Digit Loss in Liferay Form Confirmation Field
legacy Troubleshooting
Issue I'm experiencing an issue where digits are unexpectedly removed when quickly typing numbers into a confirmation field within a Liferay Form. Steps to Reproduce: Create a new Liferay Form. Add a numeric field...
Resources Not Displaying Correctly in Page Fragments
legacy Troubleshooting
Issue Page fragments that use resources with Freemarker variables in their URLs do not display correctly when the fragment is viewed on a page. <#assign varResource = "resourceName"/> <img...
Cannot Deploy a Portlet to a Widget Page
legacy Troubleshooting
Issue After deploying a portlet, I'm not able to move it to a widget page. Adding portlets from WAR fails due to the permission checking logic in UpdateLayoutStrutsAction javax.servlet.ServletException:...
PATCH Object Request Fails With Mandatory Vocabulary
legacy Troubleshooting
Issue When trying to perform a PATCH request on an object instance to update a field, if the object has a required vocabulary, the request fails with the following error: { "detail": "Select at least one taxonomy...
Module/Theme data persists after undeploying it and clearing cache
legacy Troubleshooting
Issue After removing a deployable module, some of its data can persist despite clearing the cache which includes the osgi/state folder, and all temp and work directories. For example, after removing a custom theme, its...
Unable to cast String to Long error during upgrade
legacy Troubleshooting
Issue When upgrading from Liferay DXP 7.2 to 2025.Q1, setting the fileMaxSize property in the com.liferay.document.library.configuration.DLConfiguration.config file causes an "Unable to cast String to Long"...
Changing the site logo
legacy How To
Issue How do I change my site's logo in 7.4? Environment 7.4 Resolution Open the Site Menu () and navigate to Site Builder → Pages. Click Options () in the Application Bar and select Configuration. Under Logo,...
Erratic behavior when using pagination in Documents and Media
legacy Troubleshooting
Issue When listing documents in Documents and Media section, some files are missing or duplicated when using pagination. The same can happen in other sections as well, such as Web Content. Environment DXP 7.3 DXP 7.4...
"Missing 'Date Modified' and 'Date Created' Fields in Object Display Page Template Mapping
legacy Troubleshooting
Issue We have a Display Page Template defined for an Object (Documents - Simple Document). In the edit mode, in the list of available variables of the mapping fields, the Date Modified and Date Created fields are...
How do I renew expired SAML certificate?
legacy
Issue We just noticed while browsing through the admin settings that apparently our SAML certificate expired four months ago, but our SSO and login works with no issue. We use Azure AD (Entra) for the Identity Provider...
Organization's users exposed in UI when modifying groupID in Request Body
legacy Troubleshooting
Issue An organization's member list can be seen by manipulating the role member assign(groupID) in a request. Here are the steps to reproduce: Setup browser proxy to 127.0.0.1:8180. For example with Chrome, navigate to...
Fragments and Fragment Compositions Share Permissions
legacy
Issue We want to create a role where a user can have granular control of the layout of a page by creating and editing Fragment Compositions, but not the ability to create or edit fragments themselves, how...
How to map Liferay site roles with Azure AD
legacy How To
Issue How to map Liferay site roles to Azure AD roles when configuring SAML? For example, if there is a role called Content Author under site roles, how to configure this role in Azure AD? Environment Liferay...