Search Results

All Results 433
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
"Text verification failed" Captcha error
legacy Troubleshooting
Issue We are trying to use the Reset Password functionality, but every time we enter the captcha text correctly, we always get an error saying: "Text verification failed". We noticed this same behavior on other...
Is One Time Password's expiration configurable?
legacy
Issue When does One Time Password expire? Can you set the validity timeframe of the OTP? Environment DXP 7.2+ Resolution OTP is HTTP session based, if the session expires, OTP expires as well. And it can only be used...
Security configuration related to session management
legacy
Issue There are some security configuration requirement regarding session management. Environment Liferay DXP 7.4 Resolution Application uses the 'referrer' header as a supplemental check only, and not just for any...
Browser Pop-Up For Non-Https Site
legacy Troubleshooting
Issue We are seeing a browser pop-up warning for our users when they try to login to our http site. They become concerned as it says the connection is not secure, but to 'send anyway'. Can this be disabled by Liferay...
Is Liferay's SAML Service Provider Logout URL required in the Identity Provider?
legacy Troubleshooting
Issue Azure's SAML Identity Provider (IdP) marks the Service Provider's (SP) Logout URL as "optional" However, when I remove Liferay's Logout URL from Azure's SAML configurations, Liferay users are not signed out...
OpenID Connect Error - "Signed JWT rejected"
legacy Troubleshooting
Issue When configuring authentication using OpenID Connect, login fails and the following error is reported: Unable to validate tokens: Signed JWT rejected: Another algorithm expected, or no matching key(s) found...
Resource and Global scopes tabs are not listing under oAuth2 administration scopes
legacy How To
Issue I not see the Resource and Global Sub-tabs under the Scopes tab on Oauth2 clients (in Control Panel/ OAuth2 Administration) Environment 7.3+ Resolution After https://issues.liferay.com/browse/LPS-105158 the scope...
EU Login via OpenID Connect needs Proof Key for Code Exchange (PKCE)
legacy
Issue I would like to integrate my portal with an EU Login mock server instance via OpenID Connect It does not work since the OpenID connect server needs Proof Key for Code Exchange (PKCE) After configuration, when I am...
Can both Liferay and LDAP Password policies be enabled at the same time?
legacy
Issue Is there a way to make both of Liferay and LDAP policies work together, so that users logging via Liferay authentication will be handled by Liferay's password policies and users authenticating...
LDAP Import Enabled under SAML settings
legacy
Issue What is the actual functionality of LDAP Import Enabledunder SAML settings Environment Liferay DXP 7.2, 7.3, 7.4 SAML Resolution Checking LDAP Import Enabled under SAML settings affects 3 functions:...
I would like to control email notifications to Liferay strangers.
legacy How To
Issue How are strangers defined by Liferay? How can I control email notifications to strangers upon signup? Environment DXP 7.3+ Resolution The SAML property defining unknown users as strangers was introduced in DXP 7.3....
Records are not removed from samlspsession table if the user closes the browser instead of logging out
legacy Troubleshooting
Issue Records are not removed from `samlspsession` table if the user closes the browser instead of logging out. Steps to reproduce: 1. Setup two instances of Liferay to use SAML - one as IDP and one as SP....
Authentication flow in Liferay when LDAP is enabled
legacy
Issue Liferay is configured to use LDAP When Liferay Authentication will happen? When LDAP Authentication will happen? Environment Liferay DXP 7.0 -7.4 Resolution LDAP authentication always happens before...
Special characters which are used for XSS can be saved as an input without any warning
legacy
Issue Characters as <, >, /, (, ), ", ' which can be used to make scripts, used in HTML and JavaScript are valid to use in the portal as inputs and values, and it can raise security questions The use of these...
Is there a limit to the number of IdPs registered?
legacy
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us....
Search in Control Panel > Audit makes long URL
legacy
Issue A search in Control Panel > Security > Audit always sends empty search parameters in the GET URL. As a result, URLs are very long and can be blocked by firewall-infrastructure. Steps to reproduce: Navigate to...
Detected vulnerabilities related to Jettison
legacy Troubleshooting
Issue A security scan has picked up the following vulnerabilities related to jettison-1.x.x jar: CVE-2022-40150 & CVE-2022-40149. This jar is found in marketplace\Liferay Foundation - Liferay Portal Remote -...
Existing users password encryption algorithm is not updated on password reset
legacy Troubleshooting
Issue The password encryption algorithm of existing users is not being updated after doing a password reset. Environment DXP 7.4 Resolution To resolve this behavior, open a help center ticket to request a hotfix...
How to set SameSite cookie attribute to Strict within Tomcat
How To
Issue How can I adjust the JSESSIONID cookie's SameSite attribute from None to Strict? Environment Liferay DXP 7.1 - 7.4 Resolution The JSessionID cookie's attributes are set by your application server or web...
How to update moment.js library
legacy Troubleshooting
Issue For security reasons we need to update the moment.js library from version 2.24.0 to version 2.29.4 How do I update the moment.js library in Liferay DXP? Security vulnerabilities in moment.js 2.24.0:...