Search Results

All Results 435
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Users are being logged in as some other user
legacy Troubleshooting
Issue When any user logs into the portal, they see the user profile of another user instead of seeing their own profile. Environment Liferay DXP 7.0 Resolution There are usually two root causes for the...
Liferay's OpenID Connect implementation and Single Logout
legacy
Issue Does Liferay's OpenID Connect implementation support Single Logout? Environment Liferay DXP 7.1/7.2 Resolution Liferay's current OpenID Connect (OIDC) integration only implements parts of the Final specifications,...
Using one user's JSessionID any logged in user can access the respective user's session
legacy
Issue One user's session is accessed by knowing the respective user's JSessionID. Steps for reference: 1) 2 users (say: User A and User B) 2) User "A" logs-in to the system 3) Now, user "A" has one Jession...
LDAP users are unable to log in
legacy Troubleshooting
Issue Users who are present in LDAP are unable to perform login into Liferay and the below error was observed at the server console. ERROR [liferay/scheduler_dispatch-4][PortalLDAPImporterImpl:717] Unable...
Does Liferay DXP 7.1 support HTTP headers?
legacy
Issue Does Liferay DXP 7.1 support the following HTTP headers: "X-Frame-Options", "X-XSS-Protection" and "X-Content-Type-Options"? If not, what changes have to be done from the application side to enable...
TLS v1.2 in Liferay DXP 7.1
legacy
Issue Due to some security vulnerable in TLS v1.0, it should be upgraded to TLS v1.2.  1. Does Liferay DXP 7.1 support TLS v1.2? 2. If it supports, then how to use/upgrade the same in Liferay DXP 7.1?...
Unable to import LDAP telephoneNumber into Liferay phone in the Contact page
legacy Troubleshooting
Issue Unable to import LDAP telephoneNumber (in Microsoft Active Directory) into Liferay Contact Information -> Phone Numbers on the Contact page. Environment Liferay DXP 7.1 Resolution Only attributes listed in...
Https Access Portal Problems
legacy Troubleshooting
Issue When users are trying to access to portal using https protocol, portal is redirecting to http protocol and pages are not showed right. Https protocol was configured in load balancers and application...
NTLM authenticate failed due to " Logon failure: unknown user name or bad password error "
legacy Troubleshooting
Issue Users are unable to login through NTML due to the following WARN: 2019-08-29 05:55:28.671 WARN [http-nio-8080-exec-5][Netlogon:104] Unable to authenticate user emma: Logon failure: unknown user name or bad password....
Password is visible as a plain text in the user's browser console
legacy
Issue When a user tries to log in to Liferay via Liferay's default Sign-In portlet, the user's password shows in the browser console as a plain text. Environment Liferay DXP 7.0-7.4 Resolution This is not a Liferay issue....
SAML SLO is not working when using two Liferay servers in my machine
legacy Troubleshooting
Issue We configured 2 Liferay Servers in my machine, one as Service Provider and the other as Identity Provider. We managed to perform the login through IdP. The issue happens when we try to logout the user in SP....
LDAP users are unable to log in(Caused by: java.net.SocketException: Connection reset)
legacy Troubleshooting
Issue If the LDAP is configured and when the LDAP users are trying to log in, authentication fails and started getting the following error in the server console. ERROR...
Antisamy - Document description field not sanitized
legacy
Issue While the title of a document cannot contain a tag or script in the description section tags and scripts can be published. Environment Liferay DXP 7.0 Resolution The AntiSamy module filters on specific...
How to reproduce https:// problems on localhost
legacy How To
Issue If we are using https protocol the related use cases are hard to proof on localhost Environment Liferay DXP 7.0 Liferay DXP 7.1 Use Firefox (Firefox is recommended, as Chrome does not allow self-signed...
Security Advisory for CVE-2019-2729 for Oracle WebLogic
legacy Troubleshooting
Issue Oracle has issued a security alert for Oracle WebLogic wherein a deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services has been detected. The following resource and information are...
How to configure the "check-auth-token" parameter within an OSGi portlet?
legacy How To
Issue The current Liferay DXP portal properties file contains the following for the "check-auth-token" parameter: # # Set this to true to enable authentication token security checks. The # checks can be disabled...
Password is visible as a plain text in LDAP request
legacy Troubleshooting
Issue When intercepting the LDAP request using any third party tool(ex. Wireshark) password is visible as a plain text Environment Liferay 7.0 Resolution Enabling LDAP over SSL will transmit the credentials...
Data Protection for Liferay Services and Software
legacy
This whitepaper describes the data protection policies of Liferay DXP and describes Liferay's approach to protect personal data in compliance with local regulatory requirements such as GDPR. The paper is available for...
Liferay DXP Application Security Features
legacy
This document provides an overview of application-level security features in Liferay DXP. It discusses transport security, encryption, web services, SSO, OAuth, and more.  The paper is available for download here.,...
Liferay Security Development Overview
legacy
This paper provides an overview of the processes used during development and testing of Liferay products. Combined, these processes ensure that Liferay’s customers can have confidence in the security and ongoing...