Search Results

All Results 433
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
The Forget Password page is vulnerable to CSRF attack
legacy
Issue The Forget Password form can be re-submitted with different cookies which lead to the CSRF issue. Environment Liferay DXP 7.2 Resolution This is considered as a False Positive, as the user is not logged into...
Page version control information is accessible in sitemap.xml
legacy
Issue Page version control information is accessible in sitemap.xml - such information shall not be exposed for security reasons. Reproduction: 1) Start up bundle 2) Access sitemap...
NTLM Browser Support
legacy
Affected Versions Liferay DXP 7.1 Liferay DXP 7.0 Liferay Portal 6.2 EE Liferay Portal 6.1 EE Integrating NTLM with Liferay products should only be done with Internet Explorer for...
Customer and Deployment Impact of Disabling TLS 1.0 for Inbound Traffic on Liferay Services
legacy
Due to vulnerabilities in the Transport Layer Security v1.0, Liferay has disabled TLS 1.0 for inbound secure connections on all systems and services on January 11, 2019. We previously announced in November 2018 that...
Signing into Liferay Using NTLM Before the User is Imported From LDAP Causes Error
legacy Troubleshooting
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. When...
AntiSamy Portlet Removes HTML Target Attributes
legacy How To
The AntiSamy portlet is meant to prevent XSS type attacks. One side effect however is that if an HTML target is used, then the portlet will remove it upon publishing the content. Steps to Reproduce Create Web...
Authentication Error When Logging In With Google Account
legacy Troubleshooting
This article documents an authentication error when attempting to log in to the portal instance using a google account. Listed below are the steps to resolve the issue or avoid it altogether. Resolution Error:...
Setup Guide for Liferay and WSO2 Identity Server SAML Integration
legacy How To
This guide shows you how to integrate Liferay Portal with WSO2's Identity Server. These are the basic settings with the goal of setting the user on the right track. Resolution Install,...
SAML Plugin Throws NPE When Trying to Access Metadata
legacy Troubleshooting
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. With...
Providing User Data in SAML AuthnResponse Packets
legacy How To
SAML communication occurs via request and response packets between an identity provider and a service provider. This article addresses how to provide user data within the response...
Performance Issue With LDAP Imports When Using Oracle Database
legacy Troubleshooting
This article is regarding a performance issue that may surface when executing an LDAP import using the UserGroup method for a large amount of users. Specifically, the issue is that the...
JSON Authentication for Custom Portlets
legacy Troubleshooting
Liferay will support our API and resolve any issues and answer any questions having to do with the API itself or any other part of Liferay's software. Issues and questions regarding custom development may be handled by...
Errors Exporting Password to LDAP
legacy Troubleshooting
The fix on LPS-55208 modifies LDAPUserExporterImpl (PortalLDAPExporterImpl in Portal 6.2 EE) in a way that the user is only exported to LDAP when the user's modifiedDate field changed....
Importing Contact and Custom Field Mappings From LDAP
legacy How To
In some environments it may be desirable to import a user's contact information from an LDAP server. This article explains how to import custom mappings as well as contact mappings from a Microsoft Active Directory...
Disabling the Change Password Request When Users First Log In to Liferay
legacy How To
When a user first logs in to the Liferay Portal 6.1 EE, they are immediately prompted to change their password. Resolution While this request is the default setting, the setting can be...
Restrict guest users from accessing login page when attempting to access a protected page or resource
legacy How To
Issue By default, guest users are prompted to the login page when they are attempting to hit a url or access a resource that is protected and not available to guest users. I do not want guest users to be redirected to...
How to Setup HTTPS on Tomcat for Liferay Portal 6.2 and DXP 7.0
legacy How To
Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products....
How do I Add More Than One Field To the Custom Mapping Sections in My 7.0 LDAP Setup?
legacy How To
Issue I would like to add multiple fields to the custom mappings section in my LDAP setup. Environment DXP 7.0 Resolution During LDAP setup, navigate to Control Panel > Configuration > Instance Settings, in...
Post deployment of SAML plugin the SAML Admin page is blank
legacy Troubleshooting
Issue After deploying the SAML plugin in the Liferay instance, the SAML admin page displayed blank. Below Stack trace occurs in the log at the time of performing the above actions. 2021-03-23 19:14:22.610 WARN...
New Virtual Instance cannot be created if "passwords.default.policy.check.syntax=" is set to true
legacy Troubleshooting
Issue If I set passwords.default.policy.check.syntax=true in my portal-ext.properties file, I cannot create a New Virtual Instance I get an error in the logs: ERROR...