Input a list of comma delimited resource action configurations that will be read from the class path. Input a list of comma delimited Spring configurations. These will be loaded after the bean definitions specified in the contextConfigLocation parameter in web.
Many of the following properties should only be customized if you have advanced knowledge of Hibernate. They map to various Hibernate configuration options which themselves have detailed documentation. Set the Hibernate connection release mode.
You should not modify this unless you know what you're doing. The default setting works best for Spring managed transactions. See the method buildSessionFactory in class org. Set the Hibernate cache provider. Ehcache is recommended in a clustered environment. See the property net. Use these properties to disable Hibernate caching. This may be a performance hit; you may only want to use these properties for diagnostic purposes. Set the JDBC batch size to improve performance.
If you're using Oracle 9i, however, you must set the batch size to 0 as a workaround for a hanging bug in the Oracle driver. Use the classic query factory until WebLogic and Hibernate 3 can get along. Set the classpath to the location of the Ehcache config file for internal caches.
Edit the file specified in the property ehcache. Commons Pool is used to pool and recycle objects that are used very often. This can help lower memory usage. There is some debate over the synchronization issues related to Commons Pool. Set this to false to disable object pooling. There are two lists of files specified in the properties javascript. As the name suggests, the barebone list is a trimmed down version of the everything list whereas the everything list is a list of all loaded JavaScript files.
The two lists of files exist for performance reasons because unauthenticated users usually do not utilize all the JavaScript that is available. See the property javascript. The list of files are also merged and packed for further performance improvements. The ordering of the JavaScript files is important. Specifically, all JQuery scripts should go first. The Liferay scripts are grouped in such a way that the first grouping denotes utility scripts that are used by the second and third groups.
The second grouping denotes utility classes that rely on the first group, but does not rely on the second or third group. The third grouping denotes modules that rely on the first and second group. Set this property to false to always load JavaScript files listed in the property javascript. Set this to true to sometimes load javascript.
The default logic is coded in com. ServicePreAction in such a way that unauthenticated users get the barebone list of JavaScript files whereas authenticated users get the everything list of JavaScript files.
Set this property to true to load the packed version of files listed in the properties javascript. Set the following to true to allow users to select the remember me feature to automatically login to the portal.
Set the following to the maximum age in number of seconds of the browser cookie that enables the remember me feature. A value of signifies a lifespan of one year. A value of -1 signifies a lifespan of a browser session. Rather than setting this to 0, set the property company.
Set the following to true to allow strangers to create accounts and register themselves on the portal. Set the following to true if strangers can create accounts with email addresses that match the company mail suffix.
This property is not used unless company. Set the following to true to allow community administrators to use their own logo instead of the enterprise logo. Set the following to true to always autogenerate user screen names even if the user gives a specific user screen name.
Input a class name that extends com. This class will be called to generate user screen names. This class will be called to validate user ids.
Set the maximum file size for user portraits. A value of 0 for the maximum file size can be used to indicate unlimited file size. However, the maximum file size allowed is set in property com.
Input a list of comma delimited system group names that will exist in addition to the standard system groups. When the server starts, the portal checks to ensure all system groups exist. Any missing system group will be created by the portal. Input a list of comma delimited system role names that will exist in addition to the standard system roles. When the server starts, the portal checks to ensure all system roles exist. Any missing system role will be created by the portal. These roles cannot be removed or renamed.
Input a list of comma delimited system community role names that will exist in addition to the standard system community roles. When the server starts, the portal checks to ensure all system community roles exist. Any missing system community role will be created by the portal. Input a list of comma delimited system organization role names that will exist in addition to the standard system organization roles. When the server starts, the portal checks to ensure all system organization roles exist.
Any missing system organization role will be created by the portal. Omni admin users can administer the portal's core functionality: gc, shutdown, etc. Omni admin users must belong to the default company. Multiple portal instances might be deployed on one application server, and not all of the administrators should have access to this core functionality.
Input the ids of users who are omniadmin users. Leave this field blank if users who belong to the right company and have the Administrator role are allowed to administer the portal's core functionality. Specify the available locales. Use a comma to separate each entry. Set the following to true if unauthenticated users get their preferred language from the Accept-Language header.
Set the following to false if unauthenticated users get their preferred language from their company. Specify the available time zones.
The specified ids must match those from the class java. Set the following to true if you want a change in the theme selection of the public or private group to automatically be applied to the other i. Portlets that have been configured to use private request attributes in liferayportlet. This property allows you to configure which request attributes will be shared.
Set a comma delimited list of attribute names that will be shared when the attribute name starts with one of the specified attribute names.
Specify the number of minutes before a session expires. This value is always overridden by the value set in web. Specify the number of minutes before a warning is sent to the user informing the user of the session expiration. Specify 0 to disable any warnings. Set the auto-extend mode to true to avoid having to ask the user whether to extend the session or not. Instead it will be automatically extended. The purpose of this mode is to keep the session open as long as the user browser is open and with a portal page loaded.
It is recommended to use this setting along with a smaller session. Portlets that have been configured to use private session attributes in liferay-portlet. This property allows you to configure which session attributes will be shared. Note that this property is used to specify the sharing of session attributes from the portal to the portlet.
This is not used to specify session sharing between portlet WARs or from the portlet to the portal. Set this to false to disable all persistent cookies. Features like automatically logging in will not work.
The login process sets several cookies if persistent cookies are enabled. Set this property to set the domain of those cookies. Set the following to true to invalidate the session when a user logs into the portal.
This helps prevents phishing. Set this to false if you need the guest user and the authenticated user to have the same session. Set the following to true to test whether users have cookie support before allowing them to sign in. This test will always fail if tck.
Set the following to true to disable sessions. Doing this will use cookies to remember the user across requests. This is useful if you want to scale very large sites where the user may be sent to a different server for each request.
The drawback to this approach is that you must not rely on the API for sessions provided by the servlet and portlet specs. This feature is only available for Tomcat and requires that you set Tomcat's Manager class to com.
Input a list of comma delimited class names that extend com. These classes will run at the specified event. Set the following to true to track user clicks in memory for the duration of a user's session. Setting this to true allows you to view all live sessions in the Admin portlet. Set the following to true to track user clicks in the database after a user's session is invalidated. Setting this to true allows you to generate usage reports from the database.
Use this cautiously because this will store a lot of usage data. Set the following to false to disable JAAS security checks. Disabling JAAS speeds up login. JAAS must be disabled if administrators are to be able to impersonate other users.
By default, com. PortalLoginModule loads the correct JAAS login module based on what application server or servlet container the portal is deployed on. Set a JAAS implementation class to override this behavior. The JAAS process may pass in an encrypted password and the authentication will only succeed if there is an exact match. Set this property to false to relax that behavior so the user can input an unencrypted password.
Set the following to true to enable administrators to impersonate other users. JAAS must also be disabled for this feature to work.
Settings for com. The default settings are for Apache Directory Server. Encryption is implemented by com. Set either bind or password-compare for the LDAP authentication method. Bind is preferred by most vendors so that you don't have to worry about encryption strategies. Set the password encryption to used to compare passwords if the property ldap.
Active Directory stores information about the user account as a series of bit fields in the UserAccountControl attribute. If you want to prevent disabled accounts from logging into the portal you need to use a search filter similar to the following:. You can write your own class that extends com. When a user is exported to LDAP and the user does not exist, the user will be created with the following default object classes.
When importing and exporting users, the portal will use this mapping to connect LDAP user attributes and portal user variables. When importing groups, the portal will use this mapping to connect LDAP group attributes and portal user group variables. Set either user or group for import method. If set to user, portal will import all users and the groups associated with those users.
If set to group, the portal import all groups and the users associated those groups. Settings for exporting users from the portal to LDAP. This allows a user to modify his first name, last name, etc.
This will only be active if the property ldap. New users and groups will be created at the specified DN. Set these values to be a portion of the error message returned by the appropriate directory server to allow the portal to recognize messages from the LDAP server. The default values will work for Fedora DS.
Set this to true to enable CAS single sign on. If set to true, then the property auto. CASAutoLogin and the filter com. CASFilter must be referenced in web. A user may be authenticated from CAS and not yet exist in the portal. Set this to true to automatically import users from LDAP if they do not exist in the portal. Set either cas. Setting cas. See LEP Set this to true to enable NTLM single sign on. If set to true, then the property "auto. NtlmAutoLogin and the filter com.
NtlmFilter must be referenced in web. Set this to true to enable OpenId authentication. These classes will run before or after the portal authentication begins.
The Authenticator class defines the constant values that should be used as return codes from the classes implementing the interface. In case you have several classes in the authentication pipeline, all of them have to return SUCCESS if you want the user to be able to login. Under certain circumstances, you might want to keep the information in the portal database in sync with an external database or an LDAP server.
This can easily be achieved by implementing a class via LDAPAuth that updates the information stored in the portal user database whenever a user signs in. Each portal instance can be configured at run time to either authenticate based on user ids or email addresses.
See the Admin portlet for more information. Set this to true to enable password checking by the internal portal authentication. If set to false, you're essentially delegating password checking is delegated to the authenticators configured in auth.
These classes will run when a user has a failed login or when a user has reached the maximum number of failed logins. Set the following to true if users are forwarded to the last visited path upon successful login. If set to false, users will be forwarded to their default layout page. The login page reads a redirect by a parameter named redirect. If this property is set to true, then users will be redirected to the given redirect path upon successful login.
If the user does not have permission to view that page, then the rule set by the property auth. Enter a URL that will be used to login portal users whenever needed. By default, the portal's login page is used.
Enter a friendly URL of a page that will be used to login portal users whenever the user is navigating a community and authentication is needed. By default, the portal's login page or the URL set in the property auth. Enter the name of the login portlet used in a page identified by the URL of the previous property if one has been set. This will allow the portlet to have access to the redirect parameter and thus forward the user to the page where he was trying to access when necessary.
You should leave the default value unless you have your own custom login portlet. These classes will run in consecutive order for all unauthenticated users until one of them return a valid user id and password combination. If no valid combination is returned, then the request continues to process normally.
If a valid combination is returned, then the portal will automatically login that user with the returned user id and password combination. For example, com. RememberMeAutoLogin reads from a cookie to automatically log in a user who previously logged in while checking the Remember Me box. This interface allows deployers to easily configure the portal to work with other SSO servers. See com. Pass the MAC in the password field. Set the following encryption algorithm to encrypt passwords.
If set to NONE, passwords are stored in the database as plain text. The SHA algorithm is currently unsupported. This class will be called to generate and validate passwords. If you choose to use com. PasswordPolicyToolkit as your password toolkit, you can choose either static or dynamic password generation. Static is set through the property passwords. PwdGenerator to generate the password.
If you are using LDAP password syntax checking, you will also have to use the static generator so that you can guarantee that passwords obey its rules. RegExpToolkit as your password toolkit, set the regular expression pattern that will be used to generate and validate passwords. The second pattern ensures that passwords must have at least 8 valid characters consisting of digits or letters.
Set the default permission checker class used by com. PermissionCheckerFactory to check permissions for actions on objects. This class can be overridden with a custom class that extends com. Set the algorithm used to check permissions for a user. This is useful so that you can optimize the search for different databases. The default is method two. The first algorithm uses several if statements to query the database for these five things in order. If it finds any one of them, it returns true:.
Is the user associated with groups or organizations that are directly connected to one of the permissions? The third algorithm checks the permissions by checking for three things.
It combines the role check into one step. If it finds any of the following items, it returns true:. The fourth algorithm does a database join and checks the permissions that algorithm three checks in one step, by calling countByGroupsPermissions , countByRolesPermissions , and countByUsersPermissions in one method. Set the default permissions list filter class. This class must implement com. This is used if you want to filter the list of permissions before it is actually persisted. Set this value to zero to always check.
Set this value to a number less than zero to never check. The following is an application startup event that runs once for every web site instance of the portal that initializes. Application shutdown event that runs once for every web site instance of the portal that shuts down. Programmatically kill the Java process on shutdown. This is a workaround for a bug in Tomcat and Linux where the process hangs on forever.
These classes will run before or after the specified event. The convention is to create a set of properties prefixed with "jdbc. These data sources can also be created via JNDI by setting the properties "jdbc.
DB2 jdbc. DB2Driver jdbc. EmbeddedDriver jdbc. IngresDriver jdbc. Driver jdbc. OracleDriver jdbc. P6SpyDriver jdbc. The data source factory can be configured to use JNDI or another pooling implementation by modifying infrastructure-spring. Edit the file specified in the property "ehcache. LdapCtxFactory ldap. The default settings are for Apache Directory Server. Encryption is implemented by com.
Bind is preferred by most vendors so that you don't have to worry about encryption strategies. AttributesTransformer You can write your own class that extends com. If set to user, portal will import all users and the groups associated with those users. If set to group, the portal import all groups and the users associated those groups.
This value should be set based on how your LDAP server stores group membership information. This allows a user to modify his first name, last name, etc. This will only be active if the property "ldap. New users and groups will be created at the specified DN. The default values will work for Fedora DS. If set to true, then the property "auto. CASAutoLogin and the filter com. CASFilter must be referenced in web.
Set this to true to automatically import users from LDAP if they do not exist in the portal. Set either "cas. Set this property to true to add a security check around this behavior. This security token is automatically. Modify the property "portlet. The security check utilizes the implementation set in the property. Set a list of comma delimited portlet IDs that will bypass the security.
Input a list of comma delimited struts actions that will bypass the. Set a list of comma delimited portlet IDs that will bypass the checks at.
Such a portlet can also be embedded in a theme. Keep in mind that this can be risky, because an attacker can issue POST. Input a list of comma delimited struts actions that will bypass the checks. Input a regular expression to ban paths that cannot be used to serve. Set this property to true to enable portlet session replication. This is. Portlet Config.
Set this property to true to show the portlet ID as a subtitle of the. Input a list of portlet resources that will be loaded. Portlet Container. Set this property to true to restrict portlet communication via request. Portlet Coordination.
This property controls how cross layout portlet URLs are invoked. When set. When set to "all", all portlet URL types will be allowed. Set this property to specify how events are distributed. If the value is. If the value is "layout", then events will be distributed to.
Set this property to specify how public render parameters are distributed. If the value is "layout-set", then public render parameters will be. This will only work. Portlet Dependencies. Dependency, or HeaderResponse. If specified, CSS.
If "cdn. Generation of portlet dependency markup can be customized with an OSGi. If specified, JavaScript. Portlet Display Templates. Set the location of the default error content for portlet display. Set the location of the default help content for portlet display templates. Portlet Filters. Input a list of portlet filters that will be applied to all portlets. Portlet Preferences. In some cases, the content. This property defines a.
Above the. The default value. Set this property to false to break PLT. This property exists. Set this property to true to load the theme's merged CSS files for faster. Set this property to false for easier debugging for development. You can. See the property "theme. Set this property to true to load the theme's merged image files for. Set this property to true to allow directly invoked JSPs to be overridden.
Set the theme's shortcut icon. Set this with an absolute path to specify where imported theme files from. This path will override the file-storage path.
Themes can be imported via LAR files. Set this to true if imported themes. This will ensure that a copy of. However, this. It is recommended that you set this to false. Set this to true to decorate portlets by default. Set this to true to expose sharing icons for portlets by default. Resource Actions. Input a list of comma delimited resource action configurations that will. This should only be set to false when it is called by Service Builder.
Set this property to true to only read portlet resources from web modules. Set this property to false to allow reading portlet and model. Model Hints. Input a list of comma delimited model hints configurations. Model Tree Path. Set the batch size of database query results returned during the tree.
If set to -1, the results will not be paginated and. Input a list of comma delimited Spring configurations. These will be. Input a list of comma delimited Spring infrastructure configurations. These will be loaded after the module framework is initialized but before. Set this property to true to verify that the session factory is owned by. Set this property to false to turn off.
Set the list of portal classes that will be preloaded by the. PreloadClassloader and therefore available to a plugin's Hibernate session. Set this property to false to manually open and close sessions. Input a list of comma delimited Hibernate configurations. Liferay will automatically detect the Hibernate dialect in. Set this property. Set the Hibernate connection release mode. You should not modify this. The default setting works best for.
Spring managed transactions. See the method buildSessionFactory in class. LocalSessionFactoryBean and search for. Set the JDBC batch size to improve performance. See LPS for. See LEP for more. Set other miscellaneous Hibernate properties. Use the classic query factory until WebLogic and Hibernate 3 can get.
Set this property to true to enable Hibernate cache monitoring. LPS for more information. Set the regexp pattern to filter a Hibernate session factory imported. This is used to fix the infamous Hibernate ReflectHelper. For more details, see the Hibernate issues. If no regexp pattern is set, classloader resolving is skipped, resulting.
The wildcard pattern ". Any other pattern resolves the class name against the configuration's. If it can not be resolved, it attempts to match this. If it matches, continue with classloader resolving; otherwise,. Set this property to true to enable constraint propagation to DDL.
If none is set, then the. Set the properties used to create the JDBC data source. These properties. The default settings are configured for an in-memory database called. Hypersonic that is not recommended for production use. Please change the.
To configure the portal to use one data source for read calls and another. Similar to the settings prefixed with "jdbc. Add "jdbc. Add dynamic-data-source-spring. SQL Server.
See com. DataSourceFactoryBean for the. It is important to understand the strengths and. Provider specific properties can also be passed. For example, the property. The default provider is HikariCP. The following properties will be read by C3PO if Liferay is configured to. The following properties will be read by HikariCP if Liferay is configured. HikariCP recommends to also tune database settings.
Connection Pool in the property "jdbc. Custom SQL. Set this property to true to automatically escape wildcards to literal. Input a list of comma delimited custom SQL configurations. Set the. There is no need to manually set these properties because. PortalHibernateConfiguration already sets it. However, these properties are available so that you can see how you can. MySQL for testing only. Data Limit. Set the maximum allowed document library storage size per company.
Set the maximum allowed mail messages per company within a period. Set the maximum allowed mail messages per period in seconds. Set this to 0. Set the maximum allowed asset categories per company. Set this to 0 or a. Set the maximum allowed asset tags per company.
Set the maximum allowed asset vocabularies per company. Set the maximum allowed blogs entries per company. Set the maximum allowed document library file entries per company. Set the maximum allowed document library folders per company.
Set this to. Set the maximum allowed journal articles per company. Set the maximum allowed journal folders per company. Set the maximum allowed knowledge base articles per company. Set the maximum allowed knowledge base folders per company. Set the maximum allowed message board categories per company. Set the maximum allowed message board messages per company. Set the maximum allowed groups per company.
Set this to 0 or a negative. Set the maximum allowed layouts per company. Set the maximum allowed organizations per company. Set the maximum allowed roles per company. Set the maximum allowed teams per company. Set the maximum allowed users per company. Set the maximum allowed site navigation menu items per company.
Set this. Set the maximum allowed wiki nodes per company. Set the maximum allowed wiki pages per company. Set the maximum allowed sites per company. Set this property to true to update database indexes on startup. Make sure that your custom indexes do not match the. Liferay pattern to ensure that your custom indexes are not removed as. Set the max number of parameters for an IN clause.
Set the max length for string type of index. Specify any database vendor specific settings. Set the MySQL engine type. InnoDB is the recommended engine because it. Set the transaction isolation level for the Counter service. The preferred value. If the transaction manager. Set the definition of the "portal" transaction isolation level.
It is. Set the value to -1 to use the database's default isolation. Set the value to 2 to use "read committed". Set the value to 1 to. Set the value to 4 to use "repeatable read". Additional properties that follow the pattern. Transactional Cache. Set this property to true to enable transactional cache. When enabled,. Caches rollback when transactions rollback. Set a list of comma delimited transactional portal cache names.
0コメント