Bence Losonczy

Background In the digital age, managing user identity information across applications can be challenging. SCIM, or the System for Cross-domain Identity Management specification, is designed to simplify this process. This post explores SCIM's background, purpose, and features in the context of Liferay, highlighting its role in streamlining user identity management for...

Introduction In today's digital world, keeping data secure and transparent is crucial for organizations. At Liferay, we understand that our users need to know who's using their systems and what they're doing. That's why we've developed a solution that improves audit logs, focusing on role actions and impersonation events. But why did we create this feature, and what does it do?...

In the realm of remote document access and editing, WebDAV stands as a prominent solution. Its versatility and customer demand make it an invaluable tool for many organizations. However, WebDAV's support for HTTP Basic and Digest authentication methods presents a security challenge, particularly in the realm of password storage. This blog post explores why the feature of secure access...

Introduction: In a bid to improve our services, the Headless Admin User API has undergone significant enhancements. Specifically, we have expanded our API to include POST, PUT, DELETE, and PATCH endpoints for managing postal addresses associated with user accounts. This development aims to provide more comprehensive functionality and greater flexibility for our users. ...

Introduction Efficient user management is a top priority in the world of software development. However, dealing with inactive users has long been a challenge for developers. This often-overlooked aspect of user management can lead to cluttered systems and inefficiencies. Fortunately, a set of new features has been introduced to address this issue, offering developers...

Introduction: In the ever-evolving landscape of user management and permissions, staying in control is crucial. A recent feature has emerged to address this need, offering more granular control over account administrators' actions. This blog post will delve into the details of this feature, its purpose, benefits, and how it simplifies the lives of users and developers. ...

Introduction: This feature addresses the inconvenience of not being able to remove specific entries from user invitation forms, enhancing the user experience for admin users who create these forms. It solves the problem of inefficient form management, allowing users to remove entries without starting over. The feature enables users to remove entries from the invitation form...

Background Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution.   Who needed it? Administrators who care about security.   What...

Exporting audit data   We created a solution where Instance Administrators are able to export audit records as a file in order to further analyze it. It is also possible to download separate files per user, and per site.   For site events first you need to take these steps in order to store it: Go to “Control Panel > System Settings > Audit >...