Search Results

How to monitor who and what deleted pages or any data
Issue I would like to check who and what deleted pages or data from the Liferay system. Environment Liferay DXP 7.3 Liferay DXP 7.4 Resolution There are two ways of checking who and what deleted data: 1. From the UI...
User did not provide a valid CSRF token Error
Issue Portlet Action requests intermittently returning a 403 error code. In the logs the following error message regarding invalid CSRF token gets printed whenever the 403 error is thrown. "User [user_id] did not provide...
Login URL Parameters Reported as Security Threat
Issue Vulnerability Assessment and Penetration Testing (VAPT) reports the parameters passed in the login request as a security threat. How can these parameters be removed or mitigated? Environment Liferay DXP 7.4+...
Can Liferay pass User Roles to the Service Provider?
Issue In a SAML configuration where Liferay acts as the Identity Provider, is Liferay able to pass its User Roles to the Service Provider?   Environment Liferay 7.4   Resolution Yes, it is possible. Liferay will send...
XSS Vulnerability present when using Web Content Article's source code
Issue We've observed an XSS Vulnerability present when using Web Content Article's source code. This vulnerability appears to be present when involving the deployment of a payload via the source code. Steps to...
SAML - Can you end the Identity Provider's session when the Service Provider's session times out?
Issue We have Liferay configured as a SAML Service Provider (SP), and we use third-party software as the Identity Provider (IdP). Our IdP is used for multiple applications, so its session timeout is set for a...
Is integration of mTLS possible in Liferay?
Issue We are required to use mTLS (Mutual Transport Layer Security) for certain requests. Is it possible to integrate mTLS with Liferay? Environment DXP 7.4 Quarterly Releases Resolution Yes, it is possible to...
Is Liferay vulnerable to CVE-2024-38819: SpringFramework (spring-core-5.3.39)?
Issue CVE-2024-38819: Path traversal vulnerability in functional web frameworks (2nd report) is related to the usage of WebMvc.jar. Is Liferay vulnerable to this vulnerability? Environment Liferay DXP 7.3...
"http://localhost:8080/o/oauth2/authorize" URL redirect to the Login Page
Note: Liferay has renamed its Liferay Experience Cloud offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue When accessing the OAuth2 authorization URL...
Getting BadPaddingException errors in the logs after an upgrade
Issue After upgrading Liferay DXP, javax.crypto.BadPaddingException errors appear in the logs when using the 'Auto Login' feature ('Remember me'). Example error message: ERROR [AutoLoginFilter:247] Current URL /home...
SAML Logout Issues: Multiple Login Entries and Optimistic Locking Exceptions
Issue When a user logs out after authenticating via SAML, multiple login entries might be recorded in the audit logs. This can lead to HibernateOptimisticLockingException errors, particularly during...
In SAML setup user is not getting login in the SP and receiving warning on the UI
Issue After setting up the SAML process, the user tries to log in, receives the warning below, and is not logged in. Environment Liferay 2023.Q4.0 Resolution If users are setting up an identity provider as...
SAML Authentication Error: "This message decoder only supports the HTTP POST method"
Issue The following SAML errors appear in the Liferay logs: ERROR [http-nio-8080-exec-5][BaseSamlStrutsAction:53] org.opensaml.messaging.decoder.MessageDecodingException: This message decoder only supports the...
Unexpected SAML calls: com.liferay.saml.internal.servlet.filter.SpSessionTerminationSamlPortalFilter.doProcessFilter
Issue When navigating through the portal with SAML disabled, there are a few SAML-related filters that are still being processed, leading to database calls and causing slower performance. at...
CORS request is failing
Issue If the user allows any origin (Access-Control-Allow-Origin: *) to access the resource, the CORS request fails. Steps to reproduce: 1. Start Liferay DXP 7.4 U90 2. Navigate to Control Panel > Instance...
LIFERAY.HEADLESS.DELIVERY scope missing or delayed in OAuth 2 applications
Issue The LIFERAY.HEADLESS.DELIVERY scope is missing or delayed in appearing when creating or managing OAuth 2 applications. The issue can occur intermittently, with the scope sometimes appearing after a delay of...
Is it possible to offer both SAML and OIDC as SSO options?
Issue Both SAML and OpenID Connect (OIDC) can be configured on the same Liferay instance. However, the option to authenticate using OIDC is missing whenever SAML is enabled. Is it possible for a user to select either SSO...
Audit Events filtered by date/time are not being exported accurately
Issue When using the Audit Export Feature, filters for date and time are not applied accurately in the resulting CSV file. The exported file may not include entries explicitly requested by the filter. For...
I want to skip OpenID Connect provider selector at sign in if there is only one provider
Issue We want to bypass the client selection screen because there is only one OpenID Client to choose.   Environment Quarterly Releases   Resolution There is a Feature Request opened for this which is currently under...
Vulnerabilities for spring-web and spring-core
Issue Vulnerabilities remain unresolved in spring-web and spring-core, even after a fix was applied to spring-context. For spring-web: Vulnerable component: org.springframework:spring-web:5.3.39 For spring-core:...