Search Results

All Results 433
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
After enabling LDAP authentication, administrator users who do not exist in LDAP can log in
legacy
Issue We have enabled LDAP authentication, checking it as required and we have unchecked Ignore User Search Filter for Authentication. With this configuration applied the administrator users can login even if...
SAML Sessions remain Active despite Logout in Liferay
legacy Troubleshooting
Issue We have integrated SAML with our Liferay configuration. We have noticed that after a User logs out, their session remains active in Liferay. Environment Liferay DXP 7.3 Resolution This issue may occur if the...
Requests to Liferay with an invalid HOST request HTTP header returns the default site
legacy Troubleshooting
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue Requests to Liferay with an invalid HOST request...
Are URLs that display/download Liferay JS information a vulnerability?
legacy
Issue Some monitoring tools may identify certain URLs that are accessible during routine scans that should not have allowed access. Among the URLs that are typically detected are URLs that can download Liferay's JS...
Service Organization Control (SOC) -1 Type 2 report
legacy
Issue Service Organization Control (SOC) -1 Type 2 report for auditing purposes. Environment Liferay DXP Resolution The SOC-1 report focuses on financial controls and their evaluation and this reporting is not...
How to Disable CAPTCHA on Server Admin Pages
legacy How To
Issue How do you disable CAPTCHA on pages? Site Administration pages like the Gogo Shell now have a CAPTCHA verification. How do you disable CAPTCHA on pages? Adding “-1” (Never Check), doesn’t work....
Microsoft Azure Key Vault with Liferay DB
legacy How To
Issue Can we use Azure Key Vault with DB setup configuration in Liferay instead of having it in plain text in the properties file? Is there any way to configure the DB in Liferay using Azure Key Vault? How we can use...
Tomcat Vulnerability Impact (CVE-2023-28708)
legacy
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Issue...
What is the user password algorithm and format of the stored passwords?
legacy
Issue We would like to understand the formatting of passwords as they're saved in Liferay. What algorithm, salt, and hash format is being used to store passwords?  Environment DXP 7.1 Resolution Example Password:...
When trying to access a user's private page, a "404 Page Not Found" populates instead of the Login prompt
legacy
Issue When trying to access a user's private page, we are transferred to a "404 Page Not Found" error page instead of the Login page that we were expecting.  Environment DXP 7.4 Quarterly Release Resolution Not being...
A blank SAML redirect screen is seen even with redirect message disabled
legacy
Issue A blank intermediary page (showing "Please select your identity provider" title and /portal/c/portal/login?redirect=%2Fportal%2F&refererPlid=[sanitized]&p_l_id=[sanitized] URL) is being seen even with the hotfix...
'Authentication Search Filter' for Users in LDAP
legacy
Issue At the moment, we are using LDAP server connection to authenticate our users. Our question is: in which moment the query to authenticate users is executed? More exactly, when the field 'Authentication Search...
Web Server keeps asking for basic authentication when using a Client Extension that makes a request via OAuth to Liferay API
legacy Troubleshooting
Issue A Web Server before the Liferay environment is configured with Basic Auth. Liferay uses a Client Extension (CX) that makes a request to a Liferay API using OAuth. When the page using the CX is loaded, the Web...
'Email Account Activity: New Sign-In detected for your account' received which is an unwanted email
legacy
Issue Receiving unwanted email notifications like "Your email account abc@xyz.org.in was signed into from a new location, device, browser, or application" from GoDaddy. Below are the details received:   From:...
Liferay's OpenID Connect implementation does not account for language variations for ui_locales
legacy
Issue Liferay's OpenID Connect implementation does not account for language variations for ui_locales. For example, Selecting English (United States) on Liferay sets ui_locales to en. Selecting Chinese (either Traditional...
LDAP import PermissionChecker not initialized
legacy Troubleshooting
Issue When importing users by Groups and enabling ‘Creating Roles on Import’, the roles and groups will be created/imported, but the users are not imported. Error reads PermissionChecker not initialized...
Security Issue: CVE-2024-28752 - Apache CXF
legacy
Issue Security vulnerability CVE-2024-28752 details a SSRF vulnerability with the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3, and 3.5.8, which would allow an attacker to perform SSRF style attacks...
How long does the content remain in the CDN cache?
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue What is the policy for cleaning and updating content...
Is there a way identify When was the user Deactivated and by Whom?
legacy How To
Issue Is there a possible way to find out when was the exact date the Liferay user was deactivated and by whom? Environment Liferay DXP 7.3 Liferay DXP 7.4 Resolution Please run the attached Groovy script to get a...
How can I access OpenIdConnectProvider classes in 7.4 U34+?
legacy How To
Issue The Liferay classes com.liferay.portal.security.sso.openid.connect.OpenIdConnectProvider; and com.liferay.portal.security.sso.openid.connect.OpenIdConnectProviderRegistry; were removed in U34+...