Capability

Security

検索バー

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Control Panel will not open until all portlets are loaded in the page
legacy
Issue clicking on the Global Menu (aka Open Applications Menu) icon in that black bar which is at the top of our UI all of the time (for administrators) does nothing until the page below is fully loaded. Even though...
This server is not compatible with Liferay Sync
legacy Troubleshooting
Issue Unable to connect to Liferay Sync using Liferay Sync Connector 6.0.0. There were no errors visible in the Liferay logs, but upon reviewing the Liferay Sync client application logs, the following...
How to remove Glowroot from the environment in Liferay DXP 7.3
legacy How To
Issue Steps to remove Glowroot from lower and production environment in Liferay Environment Liferay DXP 7.3 Resolution Stop the server. Kindly take a backup of the Glowroot folder. Remove the -javaagent:[path of...
Error 406 No locales match the accepted languages
legacy Troubleshooting
Issue When creating web content using POST, PUT, or PATCH API requests, an Error 406 is returned if no locales match the accepted languages: { "status": "NOT_ACCEPTABLE", "title": "No locales match the accepted...
Denied access to model object as it does not belong to current company
legacy Troubleshooting
Issue An error message stating "Denied access to model object as it does not belong to current company" occurs when attempting to access a DLFile that resides in a different company than the template...
Form container is not visible for a custom role
legacy Troubleshooting
Issue When editing a page in Liferay that involves dragging fragments, some users may notice that the container fragment is not visible. However, when logged in as an admin, the fragment appears...
Cannot access .zip file error occurs when installing a hotfix with Patching Tool
legacy Troubleshooting
Issue When I try to install a hotfix in my environment I get the following error:  Installing hotfix-3... Cannot access .zip file: ../osgi/portal/com.liferay.portal.zip.jar: java.nio.file.NoSuchFileException:...
Deploying httpclient-osgi modules cause Content is not allowed in prolog error
legacy Troubleshooting
Issue An error occurs when starting Liferay after placing httpclient-osgi modules in the osgi/modules directory.  Unable to parse metadata XML at "bundleentry://.../OSGI-INF/metatype/metatype.properties" for bundle...
Display page template does not show content related
legacy Troubleshooting
Issue We add a Content Display fragment to a Display Page template to show the related content, but when we select the Display Page from a web content and click Preview, the Display Page doesn't show the web...
No license after restoring uploaded backup
legacy Troubleshooting
Issue I have uploaded to our PaaS environment a backup of our on-premise environment (for migration to PaaS reasons) Problem: When I restored this backup, the result was an instance without License, asking for a license...
Character replacement in web content with CKEditor
legacy How To
Issue When modifying the text entered in a text area of a web content in edit mode and publishing it, line breaks are automatically added in the generated HTML. After publishing, the <br> tags are automatically...
Cannot add segment with thousands of conditions due to indexing problems
legacy Troubleshooting
Issue When adding a segment with with thousands of conditions there are problems with the indexing by Elasticsearch. The logs show a StackOverflowError stacktrace. Environment Quarterly Release 2023.Q3 Resolution...
Getting ORA-01795 when editing a DDM structure
legacy Troubleshooting
Issue I'm trying to edit an DDMStructure and I got the error : => Edit xxx is temporarily unavailable. If I look at the logs I see this error : Caused by: java.sql.SQLSyntaxErrorException: ORA-01795: maximum number of...
Dispatch Trigger Error: No DispatchTrigger Exists with Primary Key XXXXX
legacy Troubleshooting
Issue We are encountering an error related to Liferay's dispatch framework, where the system is attempting to process a non-existent dispatch trigger. The error message is as follows: ERROR...
"Error: Your Request failed to complete" sporadically populates within the UI
legacy Troubleshooting
Issue After upgrading to version 7.4u41, we've encountered a sporadic error message that appears within the UI. Error: Your Request failed to complete  This issue manifests on various pages during the loading...
How can I determine the Liferay version in our SaaS environment?
legacy How To
Issue Where can I find the exact Liferay version deployed in our SaaS environment? Environment Liferay SaaS Resolution Starting with DXP 2024.Q1.1 Quarterly Release, you can find the exact Liferay version by going...
Font Awesome not included in Liferay product
legacy How To
Issue Font awesome icons are not available from version 2024.Q3 and is not possible to Enable it from System Settings.  Trying to add an html with some font awesome icons will not be rendered, for...
Web Content Style references to Document Library are not processed with Staging enabled
legacy Troubleshooting
Issue Web Content style references to Document Library, on environments with Staging enabled, may not display correctly for logged-out users. However, the references are visible for users logged in with access to...
Liferay PaaS - Builds are triggered from multiple branches when pushing one branch
legacy Troubleshooting
Issue In Jenkins, we are seeing how builds are triggered from multiple branches when there is a single push to one branch. This seems related to branch indexing and Jenkins multibranch pipeline. What can we do to...
A/B Testing - When will the data show up?
legacy Troubleshooting
Issue We have an A/B test ongoing. We did an automated browser test (Cypress UI with multiple different browsers) to simulate end users and the data did not show there right away or even the same day? At which time of...
Liferay Throws java.lang.ClassCastException: class org.apache.xerces.parsers on Login
legacy Troubleshooting
Issue Liferay throws a ClassCastException after upgrading, the upgrade logs show no errors.  Liferay throws an error after non-graceful shutdown ERROR [http-nio-8080-exec-8][AutoLoginFilter:247] Current URL...
Can default landing pages be based on user group membership?
legacy How To
Issue I would like to set default landing pages based on user group membership so that I can redirect users to different pages on login based on their user group membership. Environment Quarterly Releases...
SCIM API is not working as expected to link existing users to SCIM Client
legacy
Issue I'm unable to use the PUT API to update users as linked to the SCIM Client. I'm not able to add new users and then update them using the PUT API linking them to the SCIM client. Environment 2024.Q1+ Resolution...
How do you stop Liferay from saving files to tomcat/temp/?
legacy
Issue How do I prevent Liferay from saving files in the tomcat/temp/ directory? Environment Liferay DXP Quarterly Release Resolution There is no OOTB way to stop files from saving in the tomcat/temp/...
Is Liferay DXP affected by CVE-2024-38286?
legacy Troubleshooting
Issue Is Liferay DXP affected by CVE-2024-38286? CVE-2024-38286 is an Apache Tomcat vulnerability wherein Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by...
Headless API is still returning properties from items in the recycle bin
legacy
Issue After we delete an image that was linked to a document through a structure and it's in the recycle bin, the Headless API is still returning all of its image details in the response. Environment 7.4...
Custom portlet renders the language resources as the key
legacy Troubleshooting
Issue Custom portlet renders the language resources as the key. What should we change in our code to render the language correctly? Environment Liferay DXP 2024.Q2 Quarterly Release Resolution There’s a workaround...
(Cloud) Spring Boot Client Extension fails with [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0
legacy Troubleshooting
Issue We have a Spring Boot extension client that interacts with the Liferay APIs and that makes the OAuth2 challenge via OAuth2AccessToken oAuth2AccessToken =...
A/B testing - How are unique sessions interpreted?
legacy
Issue How is a unique session interpreted? Environment Analytics Cloud Liferay DXP Resolution The user sessions have a window of 30 minutes since the first event has been sent when a user accesses DXP. In this...
A/B Testing - Why is there a delay?
legacy
Issue We have an A/B test ongoing. Why is the data shown in Analytics Cloud with a significant delay? Environment Analytics Cloud Resolution We update the A/B Testing experiments daily so that is the cause of the...
A/B Testing - How are sessions work in relation to browser windows, tabs, private/incognito windows?
legacy
Issue If I open a browser and visit a A/B testing page and do an action - is this considered one session? If I open a new window or tab and do it again, is it a same session or a different session? If I open a new...
How long does it take for the custom domain to be working in Liferay PaaS?
legacy
Issue After adding custom domains to the Liferay cloud service, how long does it take to reflect the changes? Environment Liferay DXP 7.4 Resolution For the custom domain to work as expected (redirecting...
Error 404 when trying to access Web Content & Document Media using a domain name
legacy Troubleshooting
Issue Error 404 when trying to access Web Content & Document Media using a domain name over the machine IP for the Liferay instance. Environment Windows Server 2019 using IIS Web Server Liferay...
Asset Publisher's filter to structures doesn't work
legacy Troubleshooting
Issue When we try to filter to certain structures of web contents in the Asset Publisher's Source - Asset type configuration, we get the wrong web contents listed We expect the structures displayed in the...
Public access of database
legacy
Issue How users can enable public access to the database of their PaaS environment Environment Liferay self-managed (LXC-SM) Resolution Enabling even read permissions to the database is a huge security risk....
Dynamic Data List Template
legacy Troubleshooting
Issue Users are unable to edit the Dynamic Data List Template in DXP 7.4 since the dynamic data List template editor is not visible Environment Liferay DXP 7.4 [all versions] Quarterly Release Resolution Users need...
Password for LDAP and Liferay users should not expire
legacy Troubleshooting
Issue After integrating Liferay with the LDAP server for users, the passwords for the users are expiring after some time and are required to be reset again. Is there any way for the passwords to never...
Users are not able to see the tasks under the 'My Workflow Tasks' menu
legacy Troubleshooting
Issue Users are unable to see the tasks under the 'My Workflow Tasks' menu after a workflow has been assigned to them for approval and the following errors related to elastic search and Kaleo instance token...
Deployment dependencies that require internet connectivity (On-premise)
legacy
Issue What are the necessary dependencies that require internet connectivity during the build and runtime of a project?  Environment Liferay DXP 7.4 Resolution Technically, all dependencies are downloaded...
Block the traffic based on the regions
legacy How To
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Is it possible to block the request on the site based on the...