Capability

Security

検索バー

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Content page displays wrong title when special characters are used on it
legacy Troubleshooting
Issue If the title of a Content page has special characters on it, the title will then be displayed with "&". This usually happens when you place the character "&". For example: "Documents & Media", in...
Does CVE-2016-1000027 affect Liferay?
legacy
Issue Security scan shows CVE-2016-1000027 as an active vulnerability, is Liferay affected? Environment DXP 7.4 Resolution CVE-2016-1000027 is known to us, and we can confirm that Liferay should not be vulnerable, as...
Insecure HTTP methods
legacy How To
Issue HTTP methods like HEAD, OPTIONS, TRACE may provide information about the application that can be used in attacks like XST, CSRF, steal of sensitive information. How we can disable insecure/unnecessary http...
SEO - Titles in Google's search results page don't display expected text
legacy
Issue After configuring the "Title SEO" of a page, Google and other search engines don't display the value as-is. If we use a customization to remove the Site and Instance names, they keep showing in search results...
Cannot publish article without friendly url
legacy Troubleshooting
Issue In our Liferay 7.4 instance, editors encounter an error when attempting to publish an article without a Friendly URL, which differs from the behavior in Liferay 7.1. Environment Liferay DXP 7.4 Resolution The...
Adding an Intermediate Certificate in Liferay PaaS
legacy How To
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Sometimes, it is necessary to include an intermediate...
Integration with Vlibras Script
legacy Troubleshooting
Issue When attempting to include the Vlibras script into the page, certain errors arise, causing the script to malfunction or causing buttons and links to stop working properly, for example.  Environment Liferay...
OpenID Connect cannot be enabled on Liferay SaaS setup
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Failing to enable OIDC implementation on an instance...
Does CVE-2022-47966 affect Liferay?
legacy
Issue Our security scan has shown CVE-2022-47966 as an active critical vulnerability. Is Liferay affected? Environment DXP 7.2 Resolution The out-of-the-box Liferay product is not affected by this vulnerability. So,...
LCP CLI support for AArch64/ARM64
legacy Troubleshooting
Issue LCP CLI fails to install on environments using AArch64/ARM64 architecture Environment AArch64/ARM64 environments Liferay Cloud command line tool Resolution LCP CLI as of version 3 is not compatible with...
404 error for fragments images after updating site friendlyUrl
legacy Troubleshooting
Issue When we change the site friendly URL, fragment images stop working and 404 errors were found in the browser console. Steps to Reproduce:  Set up Liferay DXP 7.4 Update 74. Navigate to Site Builder > Pages >...
Audit_AuditEvent and UserNotificationEvent tables in the database
legacy
Issue I would like to understand the purpose of eventType column in Audit_AuditEvent and deliveryType in UserNotificationEvent tables. In deliveryType column what is the meaning of the values e.g. 10000,10002 etc. ?...
Increase in file size in webp format
legacy
Issue When rendering the image for my user, I noticed that the webp file of the page has a considerably increased size Is there something that can be done so that it doesn't happen? Environment Liferay DXP 7.4...
Backup is failed with RangeError
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Backup is failed with RangeError ERROR [WARN] RangeError: The...
Size reduction of the document library/backup
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue From one day to another our backup size is reduced with...
Removal of mapping types
legacy
Issue You might encounter some deprecation warning in your Elasticsearch logs regarding the removal of mapping types: Using include_type_name in get mapping requests is deprecated. The parameter will be removed in...
Bootstrap Accordion does not work correctly
legacy Troubleshooting
Issue When I click on the expand button, the expanded area is not displayed, so I am not able to change the text (without editing the text in the source code). Environment Liferay DXP 7.3+ Resolution System settings...
Content display date not showing user timezone
legacy
Issue The user's time zone setting is not reflected in the display date of mapped content in the fragment. Environment Liferay DXP 7.4 Resolution This functionality does not exist yet in the Liferay Portal. There...
frontend-css-web module was removed in DXP 7.4
legacy
Issue If I use frontend-js-override module, is there any impact on front-end-js-web module due to removal of frontend-css-web ? Environment Liferay DXP 7.4 Resolution frontend-web-css was removed in Liferay 7.4 here:...
Assets created from an Asset Publisher don't keep the categories and/or tags of the filter
legacy
Issue An Asset Publisher (AP) can be configured to filter by certain categories and/or tags. When the Display Settings of the AP has Show Add Content Button enabled, it's possible to create new assets directly from...
Auto-revert when issuing/revoking Roles
legacy Troubleshooting
Issue Pre-assigned roles are being issued/revoked during the "Assign Roles" action when using multiple pages during the "Assign Roles" stage. When navigating through multiple pages, a previously issued/revoked role...
How to update jackson-databind library
legacy Troubleshooting
Issue For security reasons we need to update the jackson-databind library from version 2.13.2.2 to 2.13.4.1 How do I update the jackson-databind library in Liferay DXP? Security vulnerabilities in jackson-databind...
Updating your DXP fix pack version in Liferay PaaS while remaining on a specific service stack
legacy How To
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Update the Liferay image to a specific docker image but...
Segments: Loading icon should display the maximum number of users in the property
legacy
Issue When we check the Event Analysis page and try to create a new event analysis, we can see that the number of users keeps showing the loading icon. It only stops when the conditions match a certain number...
Error "cannot remove '/opt/liferay/data/license/*': Permission denied"
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue After restoring a backup, the liferay service fails to...
Importing LAR using "Copy as New" option does not create a new copy of it
legacy Troubleshooting
Issue When exporting a Web Content article as a .LAR file and importing it through a Web Content Display widget using the "Copy as New" option the imported one mirrors the changes of the original article...
Necessary Permissions to Export or Import a Page
legacy Troubleshooting
Issue What permissions are necessary to be able to export or import a page? I get the error "I'm sorry, you don't have permission to access the requested resource" when trying to import or export a page. Environment...
user is unable to disable the 'Password Changed Notification' and 'Password Reset Notification'
legacy
Issue User is able to disable the 'Account Created Notification'. However, there are no options for turning off the 'Password Changed Notification' and 'Password Reset Notification' notifications. Environment...
The required fields are not requiring the user to fill in when switching languages ​​in instance settings
legacy Troubleshooting
Issue The required fields are not requiring the user to fill in when switching languages in instance settings Steps to Reproduce: 1. Navigate to Instance settings > Localization 2. Change the language to any other...
Ability to add an image from URL as a Blog Cover Image
legacy Troubleshooting
Issue Can an image from a URL be used as a Blog Cover Image? Steps to reproduce: 1. Navigate to content > blog 2. Add a new entry 3. Add an image to the content. 4. Observe the tab 'URL', the user can click on it...
Title field appears in wrong format when related
legacy Troubleshooting
Issue The title field appears in the wrong format when related Steps to Reproduce: 1. Menu portlet > Control panel > Objects 2. Create Custom Object A 3. Create Custom Object B with a Date field 4. Create a...
The document cannot be accessed if the title contains special characters
legacy Troubleshooting
Issue The user wants to access the document using a URL (with special characters) without uuid and timestamp An error occurs when accessing a file using a URL without a UUID if the file name contains a + or a %...
Unable to change the default locale for already existing web contents structure
legacy Troubleshooting
Issue Steps to reproduce: 1. Start Liferay DXP 7.3 2. Navigate to web content > Structure. 3. Create a structure with any type of field. 4. Change the default language to 'Spanish' > Save. 5. Navigated to Web...
"You do not have the roles required to access this portlet." errors seen when accessing Form
legacy Troubleshooting
Issue When attempting to access a form with a user that has the permissions to do so, "You do not have the roles required to access this portlet." errors are displayed in the UI. Environment Liferay DXP 7.4 Resolution Upgrade...
Overlapping Buttons when using AlloyEditor for Web Content Articles
legacy Troubleshooting
Issue When using AlloyEditor, creating a web content structure that includes a repeatable HTML field causes the Source Button Toggle to be overlapped by the repeatable "plus" and "minus" signs. Environment Liferay DXP...
Blog view count is not increasing for specific display page templates inside asset publisher
legacy Troubleshooting
Issue Steps to reproduce: 1. Start Liferay DXP 7.3 SP3. 2. Create a new blog entry and deploy the blog on the page. 3. Create a new Display Page Template, by navigating to Design > Page Templates > Display Page...
How to provide permission to Fragments
legacy
Issue Does DXP have permission feasibility with fragments? Environment Liferay DXP  [all versions] Resolution There is no way to directly control the visibility of a Fragment depending on the user accessing the...
Getting OptimisticLockException with workflow task timers
legacy Troubleshooting
Issue OptimisticLockException is encountered when using task timers inside the workflow. Steps to reproduce: Add a workflow under the process builder and add two task timers performing the same task at the same...
Audit entries stopped being shown or generated
legacy Troubleshooting
Issue We have recently upgraded to a new Update version, and we noticed that the Audit tool is not working or not displaying the most up to date information, showing last updates as 'x days ago', around the time when we...
Unable to view the 'specific account groups' in discount portlet with view permissions
legacy Troubleshooting
Issue Steps to reproduce: 1. Start Liferay DXP 7.4. 2. Navigate to Roles > create a new role and provide the view permissions of the 'Account Entry', 'Account Groups', 'Account', and 'Currencies', and view and...