Capability

Security

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Capability
Using Multi-Factor Authentication
Official Documentation
Using Multi-Factor Authentication To enhance your installation's security, you should disable less secure, one-factor forms of authentication, such as Basic Auth, Digest Auth, and WebDAV. You can...
Published Date: May 9, 2024 6:52 PM
Configuring Content Security Policy Headers
Official Documentation
Configuring Content Security Policy Headers Modern browsers use Content Security Policy HTTP response headers to enhance web pages' security to mitigate certain types of attacks (like Cross-Site...
Published Date: May 9, 2024 6:52 PM
Securing Web Services
Official Documentation
Securing Web Services Liferay DXP provides four security layers for web services: IP permission layer: The IP address from which a web service invocation request originates must be white-listed in...
Published Date: May 9, 2024 6:52 PM
Setting Service Access Policies
Official Documentation
Setting Service Access Policies Service Access Policies define what services or service methods can be invoked remotely. You can apply many of them at once to produce a combined effect. They are...
Published Date: May 9, 2024 6:52 PM
Setting Up CORS
Official Documentation
Setting Up CORS CORS stands for Cross-Origin Resource Sharing. An Origin is a web server at a different domain, and a Resource is some asset stored on the server, like an image, PDF, or HTML file....
Published Date: May 9, 2024 6:52 PM
Using Authentication Verifiers
Official Documentation
Using Authentication Verifiers Authentication Verifiers authenticate remote invocations of Liferay Portal's API in a centralized and extensible way. They have two main responsibilities: Verify...
Published Date: May 9, 2024 6:52 PM
System for Cross-domain Identity Management (SCIM)
Official Documentation
System for Cross-domain Identity Management (SCIM) Liferay DXP 2024.Q1+ System for Cross-domain Identity Management or SCIM, is an open standard that automates user provisioning. In other words,...
Published Date: May 9, 2024 6:52 PM
AntiSamy
Official Documentation
AntiSamy Liferay DXP includes an AntiSamy module that protects against user-entered malicious code. If your site allows users to post content in message boards, blogs, or other applications, these...
Published Date: May 9, 2024 6:52 PM