Solving OWASP security vulnerabilities in Liferay 6.0.x

By John Negoita on Thursday, July 14th, 2016 in Liferay. No Comments

I have worked with Liferay for over 5 years, delivering solutions on the Liferay platform to clients of all sizes. Medium to large clients, multinational companies especially, have to conform to lots of rules and regulations when it comes to their IT infrastructure. Therefore, when we were approached by this type of clients we were always asked about security vulnerabilities in Liferay. In this post I will explain how we went about identifying and fixing these security issues in Liferay. Liferay 6.0.6 security audit We employed a third party to conduct a security audit on our Liferay 6.0.6 platform …


Liferay portal instances explained

By John Negoita on Friday, June 19th, 2015 in Liferay. No Comments

Liferay portal instances are a way through which Liferay handles data separation. Each Liferay instance can be seen as a separate website within the same server. Each instance has its own domain name (setup via the Virtual Host attribute of the instance). Each portal instance is only accessible through this domain name and not otherwise. How to setup Liferay portal instances? To setup a new Liferay portal instance you have to be logged in as an admin. Then go to the Control Panel via Manage > Control Panel and then in the Server section click on Portal Instances > Add. You have to …


Liferay Architecture – a Simplified View

By John Negoita on Wednesday, February 19th, 2014 in Liferay. No Comments

Liferay Architecture Diagram   Let’s do a very brief analysis of the Liferay portal architecture. The best way to do that get an overview of Liferay portal architecture is through a visual representation, so here is a diagram of the Liferay architecture. 3 Tier Liferay Architecture Diagram As you can see in the diagram the Liferay architecture has 3 tiers, which is a pretty standard architecture. [googleAd] Tier 1 of the Liferay architecture: the front-end Liferay front-end is based on the implementation of JSR-268, which is the specification for Java Portlets 2.0. As pointed out in the diagram Liferay’s UI …


Liferay Script for Setting Document Library Folder Permissions

By John Negoita on Monday, November 18th, 2013 in Java, Liferay. No Comments

Setting document library folder permissions in Liferay can be a tedious task, especially if you have a complicated structure of shards and organizations. Using a script can be the faster way than doing it manually. In this post I will show you how I manage this task in production servers and will provide you with the Beanshell script. If you are unsure about how to run Beanshell scripts in Liferay you can also check out my post about Liferay Beanshell Scripts for Sharded Environments. Document library folder permissions Liferay’s document library one of the core functionality that the Liferay portal offers. …


Liferay Beanshell Scripts for Sharded Environments

By John Negoita on Monday, November 4th, 2013 in Liferay. 1 Comment

Liferay Beanshell scripts are a quick way of handling Liferay portal administration tasks that otherwise would take a very long time to do manually. // Newsletter subscription Updates on web development, web design, mobile app development and tech news. You will get an email when new content is published and you can unsubscribe at any time.


Liferay multi-tenancy configuration with shards

By John Negoita on Wednesday, June 26th, 2013 in Java, Liferay. 33 Comments

Steps to configure a Liferay multi-tenancy environment If you’ve read my previous article Liferay Saas solution – handling multi-tenancy where I describe the principles used to handle a multi-tenancy installation for Liferay, you are probably wondering about the technical details of how to actually configure a Liferay multi-tenancy environment. Well, here is a description of what we did. Hope you find it useful. If you have any questions please leave a comment an I will try to help. // Newsletter subscription Updates on web development, web design, mobile app development and tech …


Liferay Saas solution – handling multi-tenancy

By John Negoita on Monday, June 24th, 2013 in Java, Liferay. 16 Comments

Liferay SAAS Overview While trying to set up an installation of the Liferay Portal (GA 6.0.6) for the company where I currently work there were some requirements that we had to fulfill. The company develops a Liferay Saas solution for supporting various business processes and this has been implemented in the form of portlets deployed in the Liferay Portal. The back-end database chosen was MySQL. As for any Saas solutions one of the key things is scalability and in the projects requirements it was stated that the solution should scale properly to support around 15000 clients. Each client is actually …