Search Results

All Results 433
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Module download link can not be opened on Liferay DXP Release Notes page with 404 error
legacy Troubleshooting
Issue  When trying to download modules like "com.liferay.saml.opensaml.integration" from Liferay DXP Release Notes page, the download link can not be opened with a 404 error. Environment Liferay DXP 7.2 Resolution...
Is Liferay Product affected by OpenSSL security issue CVE-2020-1967 ?
legacy
Issue Is Liferay Product affected by OpenSSL security issue CVE-2020-1967 ? Environment Liferay DXP 7.1 Resolution Since Liferay products do not come with OpenSSL built-in, Liferay is not affected by CVE-2020-1967 out of the...
How to resolve users being unable to log out after configuring a Token-Based SSO
legacy Troubleshooting
Issue After configuring and enabling a Token Based SSO in our 7.2 environment (upgraded from 7.0), users are now unable to log out, and they are instead redirected to the home page (still logged in). In our 7.0...
When resetting a password, duplicate error messages appear
legacy Troubleshooting
Issue Duplicate error messages show up when resetting the password Steps to reproduce: 1. Start and set up Liferay DXP 7.3 SP1 using the setup wizard. The email can be set as test@liferay.com and the password as a...
I cannot create new Virtual Instance with error Screen name must not be null
legacy Troubleshooting
Issue When I try to create a new Virtual Instance, the portal displays the error "Your request failed to complete". The portal log shows the following error: ERROR [default...
Importing LDAP settings through osgi/config files does not import password
legacy
Issue LDAP settings can be imported into the Liferay environment using osgi/config files These settings are imported into System Settings, and can then be configured for an individual instance in Instance Settings When...
Content-Security-Policy Header Integration
legacy
Issue How can a CSP (content security policy) HTTP header that enables only specific external resources to be loaded in the frontend be implemented? Environment Liferay DXP 7.2 Resolution CSP is not currently...
HTTP Strict Transport Security (HSTS) Header Not Used
legacy How To
Issue The HSTS header cannot completely defend against man-in-the-middle attacks. However, it can be useful in defending against an attack in which an attacker establishes an encrypted connection to the application and...
Verbose Error Messages
legacy How To
Issue The name of the technologies used, such as Apache Coyote, Tomcat, etc. are visible. Environment Liferay DXP 7.2, DXP 7.3 Resolution  Each application is responsible for allowing its information to be displayed...
Known Vulnerabilities with Liferay AntiSamy
legacy Troubleshooting
The following issue may compromise the security of your Liferay Digital Experience Platform implementation.  Vulnerability Information The Liferay AntiSamy app depends on third party libraries that have known...
Avoid or allow that some applications can be dynamically displayed in a page
legacy How To
Issue The permissions system for an application (portlet) includes a security check when the application is going to be displayed in a page. Normally, the users should not be able to see applications if the...
Session Management in Liferay
legacy
Issue How the sessions are managed in Liferay and what are all the different types to configure the same. Also, whether the Liferay session work for the javascript disabled browsers? Environment Liferay DXP...
No administrative options can be accessed when an F5 load balancer is in front of Liferay forcing a secure protocol
legacy Troubleshooting
Issue When a F5 load balancer is in front of Liferay and is forcing a secure protocol, no administrative options can be selected and accessed. On Liferay the following options are configured on the...
Authenticated users with no permission to access Control Panel can navigate to /control_panel/manage with the message: Please select a tool from the left menu.
legacy
Issue I have an issue with authenticated users who do not have privilege to access the Control Panel. A user with no specific role (Only User role), when navigating to /control_panel/manage gets redirected to a page...
Re-enabling Basic Authentication when Unable to Access the DXP Control Panel
legacy How To
Issue My Basic Authentication was disabled at the Instance Level, and now I am unable to access the DXP Portal because of it. How do I re-enable Basic Authentication without logging in?   Environment Quarterly...
Cross-Site Scripting: Reflected
legacy
Issue A Cross-Site Scripting (XSS) vulnerability was detected in the web application. Cross-Site Scripting occurs when dynamically generated web pages display user input, such as login information, that is not...
Callback URL of OAuth2 application created via client extension resets after server restart
legacy
Issue After restarting the server, the callback URL for OAuth2 applications created via client extensions, gets reset to the default @protocol@://localhost@port-with-colon@/o/oauth2/redirect, instead of the...
Changes to Site Templates are not propagated to pages
legacy Troubleshooting
Issue Changes made to a site template are not propagated to the pages that use the template. We can see the next error in the server log: [LayoutSetPrototypeMergeBackgroundTaskExecutor:219] Merge fail count...
Organization's users exposed in UI when modifying groupID in Request Body
legacy Troubleshooting
Issue An organization's member list can be seen by manipulating the role member assign(groupID) in a request. Here are the steps to reproduce: Setup browser proxy to 127.0.0.1:8180. For example with Chrome, navigate to...
Is Liferay Affected by CVE-2025-29927?
legacy
Issue Is Liferay affected by vulnerability CVE-2025-29927?   Environment Liferay DXP Quarterly Releases   Resolution The vulnerability CVE-2025-29927 is related to Next.js, a technology not used by Liferay as a...