Search Results

All Results 437
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
TLS v1.2 in Liferay DXP 7.1
legacy
Issue Due to some security vulnerable in TLS v1.0, it should be upgraded to TLS v1.2.  1. Does Liferay DXP 7.1 support TLS v1.2? 2. If it supports, then how to use/upgrade the same in Liferay DXP 7.1?...
Unable to import LDAP telephoneNumber into Liferay phone in the Contact page
legacy Troubleshooting
Issue Unable to import LDAP telephoneNumber (in Microsoft Active Directory) into Liferay Contact Information -> Phone Numbers on the Contact page. Environment Liferay DXP 7.1 Resolution Only attributes listed in...
Https Access Portal Problems
legacy Troubleshooting
Issue When users are trying to access to portal using https protocol, portal is redirecting to http protocol and pages are not showed right. Https protocol was configured in load balancers and application...
NTLM authenticate failed due to " Logon failure: unknown user name or bad password error "
legacy Troubleshooting
Issue Users are unable to login through NTML due to the following WARN: 2019-08-29 05:55:28.671 WARN [http-nio-8080-exec-5][Netlogon:104] Unable to authenticate user emma: Logon failure: unknown user name or bad password....
Password is visible as a plain text in the user's browser console
legacy
Issue When a user tries to log in to Liferay via Liferay's default Sign-In portlet, the user's password shows in the browser console as a plain text. Environment Liferay DXP 7.0-7.4 Resolution This is not a Liferay issue....
SAML SLO is not working when using two Liferay servers in my machine
legacy Troubleshooting
Issue We configured 2 Liferay Servers in my machine, one as Service Provider and the other as Identity Provider. We managed to perform the login through IdP. The issue happens when we try to logout the user in SP....
Possible Mismatch Between the Real LDAP Import Time and Import Interval Set on Instance Settings after LPS-98420
legacy Troubleshooting
Issue After LPS-98420, there might be a mismatch between the real LDAP Import trigger time and Import Interval set on instance settings. For example: Set “System Settings -> LDAP -> Import Interval” to 2. Set “Instance...
Resolving errors when using Liferay JSON Web Service to do the searching
legacy Troubleshooting
Issue When invoking Liferay JSON Web Service to do the searching, you may encounter errors like the following: com.liferay.portal.kernel.dao.orm.ORMException: org.hibernate.exception.SQLGrammarException: could not execute...
LDAP users are unable to log in(Caused by: java.net.SocketException: Connection reset)
legacy Troubleshooting
Issue If the LDAP is configured and when the LDAP users are trying to log in, authentication fails and started getting the following error in the server console. ERROR...
Unable to handle SAML Request
legacy Troubleshooting
Issue After enabling the SAML, when the user is trying to log in, authentication failed with the following message in UI and in Server console. UI: "Unable to handle SAML Request" Server Console:  ERROR...
Authentication through LDAP when SAML is enabled
legacy Troubleshooting
Issue Liferay has to authenticate the user through SAML as well as LDAP when SAML is enabled Environment Liferay Portal 6.2 Liferay DXP 7.0 Liferay DXP 7.1 Resolution Authenticating users from LDAP when the...
LDAP users are able to login with Default User Password
legacy
Issue Users from LDAP are able to login with the value which is defined in "Default User Password" field under the LDAP import/export settings. Environment Liferay DXP 7.0 Resolution Liferay will allow the...
[LES] Issues reinstalling Liferay Connector to X-Pack Security
legacy How To
Issue I'm having issues reinstalling X-Pack Security How do I reinstall X-Pack Security? Environment DXP 7.2    DXP 7.1    DXP 7.0 + Fix Pack 54 onwards (de-54) Resolution To Install Add Liferay Connector to X-Pack...
CSRF (p_auth) token is not included in portlet ResourceURLs
legacy
Issue p_auth token is not included in the resourceURL. Environment Liferay DXP Liferay 6.2 EE Resolution ResourceURLs (resource serving phase) was introduced in Portlet 2.0 to be able to serve resources (images, etc...)...
Preventing host header attack vulnerabilities
legacy How To
Issue Adjusting the Host header in the request can impact page rendering, redirections, and other server-side behaviors. This manipulation could potentially lead to Cross-Site Scripting (XSS) for example. Environment...
[LES] How to reinstall Liferay Connector to X-Pack Security
legacy How To
Issue How can I reinstall x-pack security? Environment DXP 7.2    DXP 7.1    DXP 7.0 + Fix Pack 54 onward (de-54) Resolution When we uninstall X-Pack security, an entry is added to Bundle Blacklist at this...
Antisamy - Document description field not sanitized
legacy
Issue While the title of a document cannot contain a tag or script in the description section tags and scripts can be published. Environment Liferay DXP 7.0 Resolution The AntiSamy module filters on specific...
How to reproduce https:// problems on localhost
legacy How To
Issue If we are using https protocol the related use cases are hard to proof on localhost Environment Liferay DXP 7.0 Liferay DXP 7.1 Use Firefox (Firefox is recommended, as Chrome does not allow self-signed...
Security Advisory for CVE-2019-2729 for Oracle WebLogic
legacy Troubleshooting
Issue Oracle has issued a security alert for Oracle WebLogic wherein a deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services has been detected. The following resource and information are...
How to configure the "check-auth-token" parameter within an OSGi portlet?
legacy How To
Issue The current Liferay DXP portal properties file contains the following for the "check-auth-token" parameter: # # Set this to true to enable authentication token security checks. The # checks can be disabled...
Is request-based p_auth token supported to prevent CSRF attack?
legacy
Issue To prevent CSRF attacks, Liferay provides options to enable authentication token security checks. The current token is session-based token. Is request-based p_auth token supported? Environment Liferay DXP 7.1...
The Password Reset Screen is no longer showing the "Please set a new password" description
legacy
Issue After upgrading from 6.x to 7.x, the Password Reset Screen is no longer showing the "Please set a new password" description text. Environment Liferay DXP 7.0 Liferay DXP 7.1 Liferay DXP 7.2 Resolution The "Please set...
How to upload authentication XML file from Bing ownership verification
legacy How To
Issue One of the methods to complete the verification process required to add a website to a Bing Webmaster Tools account is uploading a XML file to the root directory of the website and make it available on...
Apply button in OAuth 2 Administration is not working
legacy Troubleshooting
Issue When making changes under OAuth 2 Administration, such as generating a new client secret or editing Client ID, the Apply button may not respond when clicked. When viewing the browser console, you will see:...
Password is visible as a plain text in LDAP request
legacy Troubleshooting
Issue When intercepting the LDAP request using any third party tool(ex. Wireshark) password is visible as a plain text Environment Liferay 7.0 Resolution Enabling LDAP over SSL will transmit the credentials...
Whether to use OpenSSL
legacy
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Issue In...
Unable to process SAML SSO request
legacy Troubleshooting
Issue After configuring SAML SSO successfully, the user is unable to perform login and getting the following error in UI and Server console. UI Error:  "Unable to process SAML request" Server Console: ...
AWS S3 Signature Version 2 Discontinued
legacy How To
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Issue...
COOKIE_SUPPORT & GUEST_LANGUAGE_ID are not marked as Secure
legacy
Issue There are two cookies generated by Liferay DXP, COOKIE_SUPPORT & GUEST_LANGUAGE_ID, which is not marked as Secure. Environment Liferay DXP 7.1 + JBoss  Resolution This is related to the Web Server and Application...
Configuration of NTLMv2 with Liferay
legacy
Issue How to configure NTLMv2 in Liferay as there is no configuration available in Liferay control panel to differentiate the request/service Environment Liferay 6.x Liferay 7.0 and Liferay 7.1 Resolution...
User should be re-directed to the login page once the session expires
legacy How To
Issue Once the session expires, users remain on the same page on which they were already there until and unless they click on somewhere, then it redirects to the login page. Environment Liferay DXP 7.0 Resolution If...
Security Statement on CVE-2019-11444: Disputed Groovy Script console vulnerability
legacy
Recently, a security vulnerability was filed in Mitre under CVE-2019-11444 arguing that attackers could allegedly use Liferay's Groovy script console to execute OS commands. Liferay disputes this issue because this is...
Data Protection for Liferay Services and Software
legacy
This whitepaper describes the data protection policies of Liferay DXP and describes Liferay's approach to protect personal data in compliance with local regulatory requirements such as GDPR. The paper is available for...
Liferay DXP Application Security Features
legacy
This document provides an overview of application-level security features in Liferay DXP. It discusses transport security, encryption, web services, SSO, OAuth, and more.  The paper is available for download here.,...
Liferay Security Development Overview
legacy
This paper provides an overview of the processes used during development and testing of Liferay products. Combined, these processes ensure that Liferay’s customers can have confidence in the security and ongoing...
Troubleshooting SAML Single Log Out when SLO fails
legacy Troubleshooting
Issue User is not logged out from Liferay SAML when the instance has expired. Liferay Session Timeout is set to 30 minutes and SAML Session is to 90 minutes. When SLO is triggered, the user is still signed in....
Known Issue: Browser Ignores Disabled Autocomplete Property for Saving User Login Information
legacy
Issue After setting company.security.login.form.autocomplete=false to disable autocomplete for user login information, the browser still permits users to save passwords or use password managers to manage password...
Known Issue: Security Scan Shows Liferay as a Potential Sharepoint Vulnerability - False Positive
legacy Troubleshooting
Issue There may be some instances where a security scan shows Liferay having a potential Sharepoint endpoint vulnerability. Specifically, the security scan's warning may be related to the /_vti_inf.html file. This is...
Existing users in Liferay can not login through SAML with "Screen name x must not be duplicate ..." error
legacy Troubleshooting
Issue If the user exists in Liferay (service provider), the user cannot log in through SAML due to duplicate screenname ERROR. 2019-04-23 04:29:45.758 ERROR [http-nio-18080-exec-7][BaseSamlStrutsAction:58] Screen name ccc...
Why does our internal server address appear when users authenticate against our SSO?
legacy
Issue When a user authenticates against an SSO they are redirected to the server they were logging into. As part of this both the SSO address and the server address appear in the URL for a brief time. This occurs...
LFR_SESSION_STATE cookies are not marked as HttpOnly
legacy
Issue LFR_SESSION_STATE cookies are not marked as HttpOnly Environment Liferay DXP, Liferay 6.2 Resolution This is not a security issue because this cookie is created and used in session.js which is the portal's Javascript. ...
How Can I Assign Roles to Users When Importing from LDAP?
legacy Troubleshooting
Issue When importing users to Liferay DXP from LDAP, they are not being assigned the roles I want them to have from my LDAP server. Environment Liferay DXP LDAP Resolution In Liferay DXP, Users are...
Lodash Security Vulnerability in Theme Dependencies
legacy
Issue In the Liferay theme dependencies, Lodash versions 3.10.1 and below are used extensively as dependencies throughout. Versions of Lodash prior to 4.17.5 suffer from a security risk: CVE-2018-3721...
Generating SAML Metadata with HTTPS
legacy How To
Issue This article documents how to generate a SAML metadata XML file that also has HTTPS enabled. Environment Liferay Portal 6.2, DXP 7.0, DXP 7.1 Any web server  Resolution In order to generate a SAML metadata.xml...
Why are user accounts shared when I have multiple LDAP servers configured?
legacy Troubleshooting
Issue When a Liferay DXP bundle is configured to communicate with two or more LDAP servers there can be issues with user importing and users logging in. Example: If Liferay DXP is communicating with two LDAP...
Updated Email Addresses in LDAP are not Imported to Liferay DXP 7.0
legacy How To
Issue This article documents a product limitation and a possible workaround for importing a user whose email address was updated in LDAP into a Liferay DXP instance. Environment Liferay DXP  LDAP server Resolution This...
Using MS ADFS & Liferay SAML Integration
legacy How To
Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these...
Remove the Ability to Add JavaScript in the Control Panel's Site Pages
legacy How To
Issue Disable the ability to add JavaScript to pages on DXP 7.0 and thus prevent malicious code injections. Environment  DXP 7.0 Fix Pack 60+ This functionality was introduced in DXP 7.0 Fix Pack 60 Resolution Install...
Deployment of SAML plugin does not display SAML admin screen
legacy Troubleshooting
Please be aware that the page you are viewing has been machine translated from Japanese into English and may contain some translation errors. If you observe any issues with the translation, please contact us. Event/Use...
Using Shibboleth 3 as IdP + SAML Integration
legacy How To
Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these...
Users Fail to Import When First Name is Missing in LDAP
legacy
 This article discusses an apparent issue when Liferay Portal will throw a ContactFirstNameException error in the console. This error message appears when the first name is left out if importing a user from an LDAP...
LDAP Authentication and User Import/Export
legacy
This article provides an overview of LDAP integration with Liferay DXP 7.0. This content on authentication, user Import/Export, configurations, upgrade considerations and what has changed from previous Liferay...
Configuring Cookies' httpOnly Status
legacy How To
Description By default, the Liferay platform sets all of its cookies to httpOnly true in its portal.properties file (Liferay 6.2 and earlier) or in its system.properties (starting with Liferay 7.0) files. # #...
How to configure HTTPS in Tomcat for Liferay DXP 7.3
legacy How To
Introduction Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding...
FAQ for LDAP on Liferay DXP
legacy
This document has been updated and ported to Liferay Learn and is no longer maintained here. This article documents some of the most frequently asked questions regarding the use of Lightweight Directory Access Protocol...
Possible LDAP NullPointerExceptions
legacy Troubleshooting
This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. When...
Configuring reCAPTCHA v2 in Liferay Portal 6.2 EE
legacy How To
This article outlines how to configure reCAPTCHA version 2 in Liferay Portal 6.2.  Google is sunsetting reCAPTCHA v1 and as of March 2018 all v1 API calls will no longer work. In response to this "End of Life"...
NTLM Browser Support
legacy
Affected Versions Liferay DXP 7.1 Liferay DXP 7.0 Liferay Portal 6.2 EE Liferay Portal 6.1 EE Integrating NTLM with Liferay products should only be done with Internet Explorer for...
Customer and Deployment Impact of Disabling TLS 1.0 for Inbound Traffic on Liferay Services
legacy
Due to vulnerabilities in the Transport Layer Security v1.0, Liferay has disabled TLS 1.0 for inbound secure connections on all systems and services on January 11, 2019. We previously announced in November 2018 that...
Authentication Error When Logging In With Google Account
legacy Troubleshooting
This article documents an authentication error when attempting to log in to the portal instance using a google account. Listed below are the steps to resolve the issue or avoid it altogether. Resolution Error:...