Capability

Security

検索バー

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Is it possible to use the same CDN using in the Liferay PaaS instance and on the on-premises instance?
legacy How To
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Is it possible to connect the same CDN using in the...
DDMStorageAdapterSaveRequest has no possibility to distinguish between final Form Sending and Auto-save event
legacy Troubleshooting
Issue I am using a custom form storage adapter which calls an external service when the form is submitted. I noticed that in combination with the auto-save feature of Liferay Forms, this results in repeated calls of the...
Upgrade to 7.4: DDMFieldUpgradeProcess takes an awfully long time
legacy Troubleshooting
Issue We are upgrading to 7.4 and noticed that the upgrade process is working a lot at DDMFieldUpgradeProcess, this part seems to be taking a very long time Environment upgrade to 7.4 Resolution This is known. It happens...
Database throughput problems due to queries to the AssetEntry table executed by the assetEntryLocalServiceUtil.getEntries method
legacy Troubleshooting
Issue We have a custom development that calls the assetEntryLocalServiceUtil.getEntries method: AssetEntryQuery assetEntryQuery = new AssetEntryQuery(); assetEntryQuery.setAnyCategoryIds(new long[] { categoriaMesVistos...
Object creation fails with the error "400 Bad request Someone may be trying to circumvent the permission checker"
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue When I try to create new objects, I receive the following error...
Rest API to perform web content structure Import and Override
legacy How To
Issue Does Liferay provide any Rest API that can be used to save exported JSON of structures into Liferay DB, like the option "Import and Override" in Structure tab of Web Content? To be more precise, imagine a simple use...
Log messages for Stored XSS vulnerabilities
legacy Troubleshooting
Issue We would like to know whether there are any strings to search for in log files, to check if any of the following vulnerabilities have been exploited in our environment? LSV-1237 / CVE-2023-42628 LSV-1236 /...
Redirecting to a Custom Page post SAML Authentication in Liferay
legacy Troubleshooting
Issue I followed the guide Setting the Default Landing Page in Liferay Portal, to set up the default Landing Page, but it doesn't work with a Custom Page. Even though I followed the given steps, users are directed...
Unable to add documents to folder with workflow
legacy
Issue When attempting to create a new Web Content and selecting the "Link" option within the "Content" field, if a folder with an active workflow is chosen, the portal restricts the addition of documents to that...
Web Content Structure is unresponsive when making a selection
legacy Troubleshooting
Issue The Web Content & Structures field is not operating as expected when changing values. Create a structure with a Select from List. Export it to JSON. Change the value of Select from List to comma-separated words...
"Link to URL" parent page can't have a "Link to URL" child page
legacy
Issue After creating a "Link to URL" parent page, the ability to create a "Link to URL" child page is not available. This functionality used to be available, but isn't available anymore. Environment DXP 7.4...
Behaviour of the Liferay Infrastructure on Liferay PaaS when a Headless API is called during deployment
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue 1. What will be the behavior of the Liferay...
Getting 'DuplicateSamlIdpSsoSessionException' in the Debug Logs
legacy Troubleshooting
Issue Users are facing intermittent login issues in the SAML environment; however, the below error is observed frequently in their log files: DEBUG [default task-73687][BaseSamlStrutsAction:61] null...
DocuSign Error: The access token provided is expired
legacy Troubleshooting
Issue When attempting to work with a new token for DocuSign integration, the following errors are observed: DEBUG [https-jsse-nio-443-exec-38][DSEnvelopeManagerImpl:177] [LPP-50430] value of Json Object is...
DocuSign is not working for Production environment
legacy Troubleshooting
Issue DocuSign works properly with developer DocuSign credentials in the UAT environment, however, while working in production with prod DocuSign credentials, users are unable to view or receive the entries on the...
'Segments' option under the 'People' section in the Product's menu not coming
legacy
Issue User has created a site template, but are unable to view the 'Segments' section under 'People' in the Product's menu. Environment Liferay DXP 7.4 Resolution Liferay provides site templates for...
Unable to play .wav audio files
legacy Troubleshooting
Issue Unable to play audio files of the '.wav' extension on the iOS app. Environment Liferay DXP 7.1 Liferay DXP 7.2 Liferay DXP 7.3 Liferay DXP 7.4 Resolution To mitigate this concern, please include the...
'Page Comments' portlet showing JS errors
legacy Troubleshooting
Issue After replying to the comments on the 'page comments' portlet, it is showing the following javascript errors in the console: Error] TypeError:...
Error 403 - App not assigned
legacy Troubleshooting
Issue We received this error:  Error 403 - App not assigned - Sorry, you can't access Support because you are not assigned this app in Okta. If you are wondering why is this happening, please contact your...
DocuSign API rules and limit
legacy
Issue APIs are failing, hence Liferay has to provide a feature to restrict the API limit. Environment Liferay DXP 7.4 DocuSign Resolution With the current DocuSign integration feature provided by Liferay, the...
Categories are not working properly in cluster enviornment
legacy Troubleshooting
Issue Categories are sometimes available while editing a document, yet usages show 0 in the categories section. There is no specific pattern, however, categories do not function as expected when working in a...
Why High Memory Consumption for Backup Service during Automatic Backup on Liferay Cloud
legacy
Issue When an automatic backup is triggered by the system, the memory utilization (for backup service) is more than 80%. However, the backup service is working fine for both automatic and manual backups. If...
Multiple UI errors while uploading duplicate images
legacy
Issue Users can see multiple UI errors while uploading duplicate images via document and media Steps to reproduce: Navigate to 'Content and Data'> 'Document and Media'>  Upload a document with a similar name or...
How to improve "idle in transaction" state in PostgreSQL?
legacy Troubleshooting
Issue A user encounters a state where a specific update is not being executed. The system hangs and the specific process cannot finish. Hanging transactions in the database that can only be unblocked if you...
“Your request failed to complete” shows up when trying to discard changes of a published Publication
legacy Troubleshooting
Issue “Your request failed to complete” is displayed in the UI when trying to discard the changes of a published Publication. Environment DXP 7.4+ Resolution What happens is that, originally, the Discard...
Is it possible to relate a user to an event from Analytics Cloud's Data Exports?
legacy
Issue When comparing the Events and Individuals report, how can we determine the specific user that is associated with an event? The “userId” data from the Events export never matches up with the “demographics.uuid” or “id”...
Can we obfuscate HTML of the sites?
legacy
Issue I would like to increase our protection from man in the middle attacks by obfuscating our site's HTML. Is there a method for this already implemented in Liferay? Environment DXP 7.0+ Resolution There is no...
Security Vulnerability CVE-2023-28708
legacy How To
Issue This security vulnerability (CVE-2023-28708) has been reported, and it is fixed in Tomcat 9.0.72. However, our current Liferay DXP 7.3 SP1 has a 9.0.40 Tomcat version. Environment Liferay DXP 7.3 Resolution...
The Job Scheduler Portlet is not accessible through the Control Panel
legacy
Issue A new Role has been created and enabled the Job Scheduler portlet to the new Role, but unable to access the Job Scheduler portlet with the new user. Steps to reproduce: 1. Navigate to Control Panel-> Role and...
Unable to Upload file into the Document & Media when size is more then 10 mb
legacy Troubleshooting
Issue When a user is trying to upload the file into the document and media, it does not upload when the size is more than 10 MB. Environment Liferay DXP 7.1 Liferay DXP 7.2 JBoss Resolution...
Form on a display page template does not display 'Success Page' after submitting data
legacy Troubleshooting
Issue My form is not displaying the 'Success Page' after data submission Environment Liferay DXP 7.3 Resolution This type of behavior is usually related to page caching. To make sure that the form will display the...
UI showing '404 page not found' after appends '/' in the friendly URL
legacy
Issue Steps to reproduce: 1. Navigate to the product > Commerce. 2. Select 'U-Joint' product. 3. In SEO > Friendly URL > append '/' just after u-joint. 4. Navigate to the catalog page and select U-Joint Product....
Error when using Fragments Toolkit
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue When using the Fragments Toolkit, following the steps in the...
[CKEDITOR] Error code: editor-plugin-required presented in the console logs
legacy Troubleshooting
Issue When trying to edit contents with text the following error is presented in the logs: [CKEDITOR] Error code: editor-plugin-required and the content cannot be edited.  Environment Liferay 7.4 U83-U98...
Automatic triggered re-indexing in elastic search
legacy
Issue Most of the time, the Liferay auto-initiated "MlDailyMaintenanceService" job runs daily at midnight. It also corrupted all indexes, as this job deleted some files. Due to the index getting corrupted, no...
Hide default login page /c/portal/login
legacy How To
Issue Is it possible to hide the default /c/portal/login page? We want users to use a specific login page, and prevent them from using /c/portal/login to log into the portal. Environment Liferay DXP 7.0+ Resolution...
Access multiple sites using the different domain name
legacy How To
Issue Run multiple Sites on a single instance using the different domain names Example: Site 1 running on the 'www.test.com:8080' domain and Site 2 running on the 'www.demo.com:8080' domain. Environment Liferay DXP...
Validate the JSON format in WYSIWYG editor of Web content
legacy
Issue When the user creates basic web content and puts JSON inside the rich text, the JSON is used for the navigation menu. Since content contains extensive JSON, it is challenging to add more menu means attributes...
After activating Publications, publication users can make changes directly in production
legacy How To
Issue With Publications active, we want to prevent publication users from being able to make changes directly in production, we only want them to be able to change publications. Environment Quarterly Release...
X-Xss-Protection response header is not working in DXP 7.4
legacy
Issue To enable X-Xss-Protection, add the below property in system-ext.properties http.header.secure.x.xss.protection=1; mode=block and restarted the server. But it is not working in the Liferay. Environment...