Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
10868 lines (9431 sloc) 396.604 kb
##
## Properties Override
##
#
# Specify where to get the overridden properties. Updates should not be made
# on portal.properties or on portal-bundle.properties, but in
# portal-ext.properties.
#
# The default read order is: portal.properties, portal-bundle.properties,
# portal-ext.properties, and then portal-setup-wizard.properties.
#
include-and-override=portal-bundle.properties
include-and-override=${liferay.home}/portal-bundle.properties
include-and-override=portal-ext.properties
include-and-override=${liferay.home}/portal-ext.properties
include-and-override=portal-setup-wizard.properties
include-and-override=${liferay.home}/portal-setup-wizard.properties
#
# Each portal instance can have its own overridden property file following
# the convention portal-companyWebId.properties. To enable this feature, set
# the "company-id-properties" system property to true.
#
# To enable:
#
# java ... -Dcompany-id-properties=true
#
# The read order will now be: portal.properties, then portal-ext.properties,
# and then portal-liferay.com.properties.
#
# Note that not all properties can have different values per company. This
# functionality is only available for legacy reasons. The preferred way to
# configure a portal instance is through the Control Panel.
#
include-and-override=portal-${easyconf:companyId}.properties
include-and-override=${liferay.home}/portal-${easyconf:companyId}.properties
#
# Additional property files can be used by setting the "external-properties"
# system property.
#
# A common use case is to keep legacy property values when upgrading to
# newer versions of Liferay. To enable:
#
# java ... -Dexternal-properties=portal-legacy-5.1.properties
#
# The read order will now be: portal.properties, then portal-ext.properties,
# and then portal-legacy-5.1.properties.
#
include-and-override=${external-properties}
include-and-override=${liferay.home}/${external-properties}
##
## Liferay Home
##
#
# Specify the Liferay home directory.
#
liferay.home=${resource.repositories.root}
#
# This property is available for backwards compatibility. Please set the
# property "liferay.home" instead.
#
resource.repositories.root=${default.liferay.home}
##
## Portal Context
##
#
# Set the application server's protocol. Lucene will use it to load the
# index from the cluster when the hostname and port are not detected on the
# first request. Note that this property refers to the application server's
# protocol, and not the web server's as specified in the property
# "web.server.protocol".
#
portal.instance.protocol=
#portal.instance.protocol=http
#portal.instance.protocol=https
#
# Set the application server's hostname and port for the protocol specified
# in the property "portal.instance.protocol". Lucene will use it to load the
# index from the cluster when the hostname and port are not detected on the
# first request. Note that this property must be used with the property
# "portal.instance.protocol" and it refers to the application server's
# hostname and port, not the web server's port as specified in the properties
# "web.server.http.port" and "web.server.https.port".
#
portal.instance.inet.socket.address=
#portal.instance.inet.socket.address=localhost:8080
#portal.instance.inet.socket.address=localhost:8443
#
# Set this property if the application server is served behind a proxy and
# a prefix needs to be added to the portal servlet context path. This prefix
# will also be added to static resources served by layout templates,
# portlets, and themes.
#
portal.proxy.path=
##
## TCK
##
#
# Set this to true to enable programmatic configuration to let the Portlet
# TCK obtain a URL for each test. This should never be set to true unless
# you are running the TCK tests.
#
tck.url=false
##
## Schema
##
#
# Set this to true to automatically create tables and populate with default
# data if the database is empty.
#
schema.run.enabled=true
##
## Upgrade
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.upgrade.UpgradeProcess. These classes will run on
# startup to upgrade older data to match with the latest version.
#
# Escape the comma so that the property can be properly interpolated. For
# example, the property "upgrade.processes.6100" will not properly reference
# the property "upgrade.processes.default" unless the commas are escaped.
# See StartupHelper#getUpgradeProcessClassNames(String).
#
upgrade.processes.master=\
com.liferay.portal.upgrade.UpgradeProcess_6_0_0\,\
com.liferay.portal.upgrade.UpgradeProcess_6_0_1\,\
com.liferay.portal.upgrade.UpgradeProcess_6_0_2\,\
com.liferay.portal.upgrade.UpgradeProcess_6_0_3\,\
com.liferay.portal.upgrade.UpgradeProcess_6_0_5\,\
com.liferay.portal.upgrade.UpgradeProcess_6_0_6\,\
com.liferay.portal.upgrade.UpgradeProcess_6_1_0\,\
com.liferay.portal.upgrade.UpgradeProcess_6_1_1\,\
com.liferay.portal.upgrade.UpgradeProcess_6_2_0\,\
com.liferay.portal.upgrade.UpgradeProcess_7_0_0
upgrade.processes.5203=${upgrade.processes.master}
upgrade.processes.6000=${upgrade.processes.master}
upgrade.processes.6001=${upgrade.processes.master}
upgrade.processes.6002=${upgrade.processes.master}
upgrade.processes.6003=${upgrade.processes.master}
upgrade.processes.6004=${upgrade.processes.master}
upgrade.processes.6005=${upgrade.processes.master}
upgrade.processes.6006=${upgrade.processes.master}
upgrade.processes.6100=${upgrade.processes.master}
upgrade.processes.6101=${upgrade.processes.master}
upgrade.processes.6102=${upgrade.processes.master}
upgrade.processes.6110=${upgrade.processes.master}
upgrade.processes.6120=${upgrade.processes.master}
upgrade.processes.6130=${upgrade.processes.master}
upgrade.processes.6200=${upgrade.processes.master}
upgrade.processes.6201=${upgrade.processes.master}
upgrade.processes.7000=${upgrade.processes.master}
#
# If this property is specified with a list of classes, then the portal will
# use this list of upgrade processes without taking into account any of the
# other "upgrade.processes.*" property settings.
#
# This property is deprecated and only provided for backwards compatibility.
#
upgrade.processes=
#
# Set this to true to disable database transaction management during
# upgrades. This forces autocommit, which will speed up the upgrade process.
#
upgrade.database.transactions.disabled=true
##
## Verify
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.verify.VerifyProcess. These classes will run on
# startup to verify and fix any integrity problems found in the database.
# Please be aware that this may make modifications directly to the database.
#
verify.processes=com.liferay.portal.verify.VerifyProcessSuite
#
# Specify the frequency for verifying the integrity of the database.
#
# Constants in VerifyProcess:
# public static final int ALWAYS = -1;
# public static final int NEVER = 0;
# public static final int ONCE = 1;
#
verify.frequency=1
#
# Set this to true to disable database transaction management during
# verification. This forces autocommit, which will speed up the verify
# process.
#
verify.database.transactions.disabled=true
#
# Configure this threshold to indicate when to execute certain
# com.liferay.portal.verify.VerifyProcess tasks concurrently. Each
# VerifyProcess implementation governs what it may concurrently execute.
#
verify.process.concurrency.threshold=5
##
## Auto Deploy
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.kernel.deploy.auto.AutoDeployListener. These classes
# are used to process the auto deployment of WARs.
#
auto.deploy.listeners=\
com.liferay.portal.deploy.auto.ExtAutoDeployListener,\
com.liferay.portal.deploy.auto.HookAutoDeployListener,\
com.liferay.portal.deploy.auto.LayoutTemplateAutoDeployListener,\
com.liferay.portal.deploy.auto.LiferayPackageAutoDeployListener,\
com.liferay.portal.deploy.auto.ModuleAutoDeployListener,\
com.liferay.portal.deploy.auto.PortletAutoDeployListener,\
com.liferay.portal.deploy.auto.ThemeAutoDeployListener,\
com.liferay.portal.deploy.auto.WebAutoDeployListener,\
com.liferay.portal.deploy.auto.exploded.tomcat.HookExplodedTomcatListener,\
com.liferay.portal.deploy.auto.exploded.tomcat.LayoutTemplateExplodedTomcatListener,\
com.liferay.portal.deploy.auto.exploded.tomcat.PortletExplodedTomcatListener,\
com.liferay.portal.deploy.auto.exploded.tomcat.ThemeExplodedTomcatListener
#
# Set this to true to enable auto deploy of layout templates, portlets, and
# themes.
#
auto.deploy.enabled=true
#
# Set the directory to scan for layout templates, portlets, and themes to
# auto deploy.
#
auto.deploy.deploy.dir=${liferay.home}/deploy
#
# Set the directory where auto deployed WARs are copied to. The application
# server or servlet container must know to listen on that directory.
# Different containers have different hot deploy paths. For example, Tomcat
# listens on "${catalina.base}/webapps" whereas JBoss listens on
# "${jboss.home.dir}/deploy". Set a blank directory to automatically use the
# application server specific directory.
#
auto.deploy.dest.dir=
auto.deploy.default.dest.dir=../webapps
auto.deploy.geronimo.dest.dir=${org.apache.geronimo.home.dir}/deploy
auto.deploy.glassfish.dest.dir=${com.sun.aas.instanceRoot}/autodeploy
auto.deploy.jboss.dest.dir=${jboss.home.dir}/standalone/deployments
auto.deploy.jboss.dest.dir[5]=${jboss.server.home.dir}/deploy
auto.deploy.jetty.dest.dir=${jetty.home}/webapps
auto.deploy.jonas.dest.dir=${jonas.base}/deploy
auto.deploy.resin.dest.dir=${resin.home}/webapps
auto.deploy.tomcat.dest.dir=${catalina.base}/webapps
auto.deploy.weblogic.dest.dir=${env.DOMAIN_HOME}/autodeploy
auto.deploy.websphere.dest.dir=${env.USER_INSTALL_ROOT}/wsadmin-deploy
#
# Set the interval in milliseconds on how often to scan the directory for
# changes.
#
auto.deploy.interval=3000
#
# Set this to true if deployed WARs are unpacked. Set this to false if your
# application server has concurrency issues with deploying large WARs.
#
auto.deploy.unpack.war=true
#
# Set this to true if plugins should automatically copy Commons Logging.
#
auto.deploy.copy.commons.logging=true
#
# Set this to true if plugins should automatically copy Log4j.
#
auto.deploy.copy.log4j=true
#
# Set this to true if you want the deployer to rename portlet.xml to
# portlet-custom.xml. This is only needed when deploying the portal on
# WebSphere 6.1.x with a version before 6.1.0.7 because WebSphere's portlet
# container will try to process a portlet at the same time that Liferay is
# trying to process a portlet.
#
auto.deploy.custom.portlet.xml=false
#
# Set this to 1 if you are using JBoss' PrefixDeploymentSorter. This will
# append a 1 in front of your WAR name. For example, if you are deploying a
# portlet called test-portlet.war, it will deploy it to 1test-portlet.war.
# JBoss now knows to load this portlet after the other WARs have loaded.
# However, it will remove the 1 from the context path.
#
# Modify /server/default/conf/jboss-service.xml.
# See org.jboss.deployment.scanner.PrefixDeploymentSorter.
#
auto.deploy.jboss.prefix=
#
# Set the Glassfish settings to enable JSR 88 application deployment.
#
auto.deploy.glassfish.jee.deployment.enabled=false
auto.deploy.glassfish.jee.dm.id=deployer:Sun:AppServer::localhost:4848
auto.deploy.glassfish.jee.dm.user=admin
auto.deploy.glassfish.jee.dm.passwd=adminadmin
auto.deploy.glassfish.jee.df.classname=com.sun.enterprise.deployapi.SunDeploymentFactory
#
# Set the path to Tomcat's configuration directory. This property is used to
# auto deploy exploded WARs. Tomcat context XML files found in the auto
# deploy directory will be copied to Tomcat's configuration directory. The
# context XML file must have a docBase attribute that points to a valid WAR
# directory.
#
auto.deploy.tomcat.conf.dir=../conf/Catalina/localhost
#
# Set the path to Tomcat's global class loader. This property is only used
# by Tomcat in a standalone environment.
#
auto.deploy.tomcat.lib.dir=../common/lib/ext
#
# Set the options used when calling the AdminApp.install command.
#
# See http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/topic/com.ibm.websphere.express.doc/info/exp/ae/rxml_adminapp.html#rxml_adminapp__cmd9
# for more information.
#
auto.deploy.websphere.wsadmin.app.manager.install.options=-appname ${auto.deploy.websphere.wsadmin.app.name} -contextroot /${plugin.servlet.context.name} -usedefaultbindings
#
# Set the options used when calling the AdminApp.list command.
#
# See http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/topic/com.ibm.websphere.express.doc/info/exp/ae/rxml_adminapp.html#rxml_adminapp__cmd9
# for more information.
#
auto.deploy.websphere.wsadmin.app.manager.list.options=
#
# Set the options used when calling the AdminApp.update command.
#
# See http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/topic/com.ibm.websphere.express.doc/info/exp/ae/rxml_adminapp.html#rxml_adminapp__cmd9
# for more information.
#
auto.deploy.websphere.wsadmin.app.manager.update.options=-contents ${auto.deploy.dest.dir}/${plugin.servlet.context.name}.war -contextroot /${plugin.servlet.context.name} -operation update -usedefaultbindings
#
# WebSphere 6 and 7 do not support the ability to hot deploy a WAR. The
# portal will attempt to use the wsadmin script to install a hot deployed
# plugin at runtime if this property is set. The wsadmin script uses this
# property to query the WebSphere application manager. Set this property
# to a blank value to disable this feature.
#
#auto.deploy.websphere.wsadmin.app.manager.query=
auto.deploy.websphere.wsadmin.app.manager.query=type=ApplicationManager,process=server1,*
#
# Set the suffix to be added to the plugin servlet context name in order to
# identify the WebSphere process it is deployed to. Leave it blank to use
# the plugin servlet context name only.
#
auto.deploy.websphere.wsadmin.app.name.suffix=
#
# Set the properties file name to use when invoking the wsadmin command.
# Configure this property to change the behavior of the wsadmin command,
# such as connection port or protocol.
#
auto.deploy.websphere.wsadmin.properties.file.name=
#
# Set the URLs of libraries that might be needed to download during the
# auto deploy process.
#
library.download.url.resin.jar=http://cdn.files.liferay.com/public/quercus/4.0.11/resin.jar
library.download.url.script-10.jar=http://cdn.files.liferay.com/public/quercus/3.1.9/script-10.jar
##
## Hot Deploy
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.kernel.deploy.hot.HotDeployListener. These classes are
# used to process the deployment and undeployment of WARs at runtime.
#
# The listeners are invoked in the order defined by this property.
# PluginPackageHotDeployListener must always be invoked first.
# SpringHotDeployListener must always be invoked before
# ServletContextListenerHotDeployListener. MessagingHotDeployListener must
# always be invoked last.
#
hot.deploy.listeners=\
com.liferay.portal.deploy.hot.PluginPackageHotDeployListener,\
\
com.liferay.portal.deploy.hot.SpringHotDeployListener,\
\
com.liferay.portal.deploy.hot.ServletContextListenerHotDeployListener,\
\
com.liferay.portal.deploy.hot.ExtHotDeployListener,\
com.liferay.portal.deploy.hot.HookHotDeployListener,\
com.liferay.portal.deploy.hot.JSONWebServiceHotDeployListener,\
com.liferay.portal.deploy.hot.LayoutTemplateHotDeployListener,\
com.liferay.portal.deploy.hot.PortletHotDeployListener,\
com.liferay.portal.deploy.hot.SocialHotDeployListener,\
com.liferay.portal.deploy.hot.ThemeHotDeployListener,\
com.liferay.portal.deploy.hot.ThemeLoaderHotDeployListener,\
\
com.liferay.portal.deploy.hot.MessagingHotDeployListener
##
## Hot Undeploy
##
#
# Set this to true to enable undeploying plugins.
#
hot.undeploy.enabled=true
#
# Set the undeploy interval in milliseconds on how long to wait for the
# undeploy process to finish.
#
hot.undeploy.interval=0
#
# Set this to true to undeploy a plugin before deploying a new version. This
# property will only be used if the property "hot.undeploy.enabled" is set
# to true.
#
hot.undeploy.on.redeploy=false
##
## Sandbox Deploy
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.kernel.deploy.sandbox.SandboxDeployListener. These
# classes are used to process sandbox style plugins.
#
sandbox.deploy.listeners=\
com.liferay.portal.deploy.sandbox.PortletSandboxDeployListener,\
com.liferay.portal.deploy.sandbox.ThemeSandboxDeployListener
#
# Set this to true to enable sandbox style plugin development.
#
sandbox.deploy.enabled=false
#
# Set the directory to scan for sand box style plugins.
#
sandbox.deploy.dir=${liferay.home}/sandbox
#
# Set the interval in milliseconds on how often to scan the directory for
# changes.
#
sandbox.deploy.interval=3000
##
## Plugin
##
#
# Input a list of comma delimited supported plugin types.
#
plugin.types=portlet,theme,layout-template,hook,web
#
# Input a list of Liferay plugin repositories separated by \n characters.
#
plugin.repositories.trusted=
plugin.repositories.untrusted=
#
# Set this property to false to avoid receiving on screen notifications
# when there is a new version of an installed plugin.
#
plugin.notifications.enabled=false
#
# Input a list of plugin packages IDs separated by \n characters.
# Administrators won't be notified when a new version of these plugins are
# available. The IDs are of the form groupId/artifactId. You can also end
# the ID with an asterisk to match any ID that starts with the previous
# character.
#
#plugin.notifications.packages.ignored=liferay/sample-jsp-portlet
##
## Portlet
##
#
# Set this property to set the default virtual path for all hot deployed
# portlets. See liferay-portlet-app_7_0_0.dtd and the virtual-path element
# for more information.
#
portlet.virtual.path=
#
# Set this property to true to validate portlet.xml against the portlet
# schema.
#
portlet.xml.validate=true
#
# Portlets that have configured liferay-portlet.xml with the element
# "add-default-resource" set to true will allow those portlets to be
# dynamically added to any page by any user. This is useful
# (and necessary) for some portlets that need to be dynamically added to a
# page, but it can also pose a security risk because it also allows any user
# to do it.
#
# Set this property to true to add a security check around this behavior.
# If set to true, then portlets can only be dynamically added to a page if
# it contains a proper security token. This security token is automatically
# passed when using a portlet URL from one portlet to another portlet.
#
# Modify the property "portlet.add.default.resource.check.whitelist" to
# whitelist certain portlets from this security check.
#
# The security check utilizes the implementation set in the property
# "auth.token.impl".
#
portlet.add.default.resource.check.enabled=true
#
# Set a list of comma delimited portlet IDs that will bypass the security
# check set in the property "portlet.add.default.resource.check.enabled".
#
portlet.add.default.resource.check.whitelist=3,56_INSTANCE_0000,58,86,103,113,145,164,166,170
#
# Input a list of comma delimited struts actions that will bypass the
# security check set in the property
# "portlet.add.default.resource.check.enabled".
#
portlet.add.default.resource.check.whitelist.actions=/journal/rss
#
# Set a list of comma delimited portlet IDs that will bypass the
# checks at first login (pages like terms of use, update password,
# password reminder query, etc.).
#
# Such a portlet can also be embedded in a theme.
#
# Keep in mind that this can be risky, because an attacker can issue POST
# requests on these portlets, even when there is no portlet embedded in a
# theme.
#
portlet.interrupted.request.whitelist=
#
# Input a list of comma delimited struts actions that will bypass the
# checks at first login (pages like terms of use, update password,
# password reminder query, etc.).
#
portlet.interrupted.request.whitelist.actions=
#
# Input a regular expression to ban paths that cannot be used to serve
# resources in portlets.
#
portlet.resource.id.banned.paths.regexp=.*/(?:META-INF|WEB-INF)/.*
##
## Portlet Config
##
#
# Input a list of portlet resources that will be loaded.
#
portlet.configs=\
/WEB-INF/portlet-custom.xml,\
/WEB-INF/portlet-ext.xml,\
/WEB-INF/liferay-portlet.xml,\
/WEB-INF/liferay-portlet-ext.xml,\
/WEB-INF/web.xml
##
## Portlet Container
##
#
# Set this property to true to restrict portlet communication via request
# attributes. See the property "layout.parallel.render.enable" on how that
# property affects this property.
#
portlet.container.restrict=true
##
## Portlet Coordination
##
#
# This property controls how cross layout portlet URLs are invoked. When set
# to "render", only render URLs will be allowed invocation across
# different layouts. When set to "all", all portlet URL types will be
# allowed invocation.
#
portlet.cross.layout.invocation.mode=render
#
# Set this property to specify how events are distributed. If the value is
# "layout-set", then events will be distributed to all portlets contained in
# a layout set. If the value is "layout", then events will be distributed to
# all portlets that are present in a layout.
#
portlet.event.distribution=layout
#
# Set this property to specify how public render parameters are distributed.
# If the value is "layout-set", then public render parameters will be
# distributed to all portlets contained in a layout set. This will only work
# correctly if the property "layout.default.p_l_reset" is set to false. If
# the value is "layout", then public render parameters will be distributed
# to all portlets that are present in a layout.
#
portlet.public.render.parameter.distribution=layout
##
## Portlet Display Templates
##
#
# Set the location of the default help content for portlet display
# templates for each language type.
#
portlet.display.templates.help[ftl]=com/liferay/portlet/portletdisplaytemplate/dependencies/portlet_display_template_help.ftl
portlet.display.templates.help[vm]=com/liferay/portlet/portletdisplaytemplate/dependencies/portlet_display_template_help.vm
##
## Portlet Filters
##
#
# Input a list of portlet filters that will be applied to all portlets.
#
portlet.filters.system=com.liferay.portlet.CheckboxParametersPortletFilter,com.liferay.portlet.ScriptDataPortletFilter
##
## Theme
##
#
# Set this property to true to load the theme's merged CSS files for faster
# loading for production.
#
# Set this property to false for easier debugging for development. You can
# also disable fast loading by setting the URL parameter "css_fast_load" to
# "0" when the property "theme.css.fast.load.check.request.parameter" is
# also set to true.
#
theme.css.fast.load=true
#
# Set this property to false to ignore the URL parameter "css_fast_load".
# See the property "theme.css.fast.load".
#
theme.css.fast.load.check.request.parameter=false
#
# Set this property to true to load the theme's merged image files for
# faster loading for production.
#
# Set this property to false for easier debugging for development. You can
# also disable fast loading by setting the URL parameter "images_fast_load"
# to "0" when the property "theme.images.fast.load.check.request.parameter"
# is also set to true.
#
theme.images.fast.load=true
#
# Set this property to false to ignore the URL parameter "images_fast_load".
# See the property "theme.images.fast.load".
#
theme.images.fast.load.check.request.parameter=false
#
# Set this property to true to allow directly invoked JSPs to be
# overridden by a different version of the JSP that exists in a theme.
#
theme.jsp.override.enabled=false
#
# Set the theme's shortcut icon.
#
theme.shortcut.icon=favicon.ico
#
# Set this property to set the default virtual path for all hot deployed
# themes. See liferay-look-and-feel_7_0_0.dtd and the virtual-path element
# for more information.
#
theme.virtual.path=
#
# Set this with an absolute path to specify where imported theme files from
# a LAR will be stored. This path will override the file-storage path
# specified in liferay-theme-loader.xml.
#
theme.loader.storage.path=
#
# Themes can be imported via LAR files. Set this to true if imported themes
# should use a new theme ID on every import. This will ensure that a copy of
# the old theme is preserved in the theme loader storage path. However, this
# also means that a lot of themes that are no longer used remain in the file
# system. It is recommended that you set this to false.
#
theme.loader.new.theme.id.on.import=false
#
# Set this to true to decorate portlets by default.
#
theme.portlet.decorate.default=true
#
# Set this to true to expose sharing icons for portlets by default.
#
theme.portlet.sharing.default=false
##
## Resource Actions
##
#
# Input a list of comma delimited resource action configurations that will
# be read from the class path.
#
resource.actions.configs=\
META-INF/resource-actions/default.xml,\
resource-actions/default.xml
#
# This should only be set to false when it is called by Service Builder
# outside of an application server or servlet container.
#
resource.actions.read.portlet.resources=true
##
## Model Hints
##
#
# Input a list of comma delimited model hints configurations.
#
model.hints.configs=\
META-INF/portal-model-hints.xml,\
classpath*:META-INF/ext-model-hints.xml,\
META-INF/portlet-model-hints.xml
##
## Model Tree Path
##
#
# Set the batch size of database query results returned during the tree
# rebuilding operation. If set to -1, the results will not be paginated
# and may result in a larger memory footprint.
#
model.tree.rebuild.query.results.batch.size=10000
##
## Service Builder
##
#
# Input a list of common delimited method prefixes designated for read-only
# transactions. Service Builder will use these prefixes to annotate methods
# that are to run in read-only transactions.
#
service.builder.service.read.only.prefixes=\
fetch,\
get,\
has,\
is,\
load,\
reindex,\
search
##
## Spring
##
#
# Input a list of comma delimited Spring configurations. These will be
# loaded after the bean definitions specified in the contextConfigLocation
# parameter in web.xml.
#
spring.configs=\
META-INF/base-spring.xml,\
\
META-INF/hibernate-spring.xml,\
META-INF/infrastructure-spring.xml,\
META-INF/management-spring.xml,\
\
META-INF/util-spring.xml,\
\
META-INF/executor-spring.xml,\
META-INF/fabric-spring.xml,\
\
META-INF/audit-spring.xml,\
META-INF/cluster-spring.xml,\
META-INF/comment-spring.xml,\
META-INF/jcr-spring.xml,\
META-INF/messaging-core-spring.xml,\
META-INF/messaging-misc-spring.xml,\
META-INF/mobile-device-spring.xml,\
META-INF/model-listener-spring.xml,\
META-INF/notifications-spring.xml,\
META-INF/poller-spring.xml,\
META-INF/rules-spring.xml,\
META-INF/scheduler-spring.xml,\
META-INF/search-spring.xml,\
META-INF/service-configurator-spring.xml,\
META-INF/workflow-spring.xml,\
\
META-INF/counter-spring.xml,\
META-INF/mail-spring.xml,\
META-INF/portal-spring.xml,\
META-INF/portlet-container-spring.xml,\
META-INF/staging-spring.xml,\
META-INF/virtual-layouts-spring.xml,\
\
META-INF/monitoring-spring.xml,\
\
#META-INF/dynamic-data-source-spring.xml,\
#META-INF/shard-data-source-spring.xml,\
\
classpath*:META-INF/ext-spring.xml
#
# Input a list of comma delimited Spring configurations for plugins. These
# will be loaded before portalContextConfigLocation parameter in portlet
# web.xml and spring.configs in service.properties
#
spring.portlet.configs=\
com/liferay/portal/spring/context/xml/*-spring.xml
#
# Set the bean name for the Liferay data source.
#
spring.hibernate.data.source=liferayDataSource
#
# Set the bean name for the Liferay session factory.
#
spring.hibernate.session.factory=&liferaySessionFactory
#
# Set the list of portal classes that will be preloaded by the
# PreloadClassloader and therefore available to a plugin's Hibernate session
# factory.
#
spring.hibernate.configuration.proxy.factory.preload.classloader.classes=\
javassist.util.proxy.MethodHandler,\
javassist.util.proxy.ProxyObject,\
javassist.util.proxy.RuntimeSupport,\
org.hibernate.proxy.HibernateProxy,\
org.hibernate.proxy.LazyInitializer
#
# Set the list of portal classes that will be preloaded by the
# PreloadClassloader and therefore available to a plugin's Hibernate session
# factory.
#
spring.hibernate.session.factory.preload.classloader.classes=\
org.hibernate.engine.jdbc.WrappedBlob
#
# Set this property to false to manually open and close sessions.
#
spring.hibernate.session.delegated=true
##
## Hibernate
##
#
# Input a list of comma delimited Hibernate configurations.
#
hibernate.configs=\
META-INF/mail-hbm.xml,\
META-INF/portal-hbm.xml,\
classpath*:META-INF/ext-hbm.xml
#
# Liferay will automatically detect the Hibernate dialect in
# com.liferay.portal.spring.PortalHibernateConfiguration. Set this property
# to manually override the automatically detected dialect.
#
#hibernate.dialect=
#
# Set the Hibernate connection release mode. You should not modify this
# unless you know what you're doing. The default setting works best for
# Spring managed transactions. See the method buildSessionFactory in class
# org.springframework.orm.hibernate3.LocalSessionFactoryBean and search for
# the phrase "on_close" to understand how this works.
#
#hibernate.connection.release_mode=on_close
#
# Set the Hibernate cache region factory. Ehcache is recommended in a
# clustered environment. See the property
# "net.sf.ehcache.configurationResourceName" for detailed configuration.
#
hibernate.cache.region.factory_class=com.liferay.portal.dao.orm.hibernate.region.SingletonLiferayEhcacheRegionFactory
#
# This property is used if Hibernate is configured to use Ehcache's region
# factory.
#
net.sf.ehcache.configurationResourceName=/ehcache/hibernate-clustered.xml
#
# Configure this property if using Ehcache's default replication method for
# Hibernate's region cache.
#
net.sf.ehcache.configurationResourceName.peerProviderProperties=peerDiscovery=automatic,multicastGroupAddress=${multicast.group.address["hibernate"]},multicastGroupPort=${multicast.group.port["hibernate"]},timeToLive=1
#
# Set other Hibernate cache settings.
#
hibernate.cache.use_query_cache=false
hibernate.cache.use_second_level_cache=false
hibernate.cache.use_minimal_puts=true
hibernate.cache.use_structured_entries=false
#
# Set the JDBC batch size to improve performance.
#
# If you're using Hypersonic, you SHOULD set the batch size to 0 as a
# workaround for a logging bug in the Hypersonic driver. See LPS-5426 for
# more information.
#
# If you're using Oracle 9i, you MUST set the batch size to 0 as a
# workaround for a hanging bug in the Oracle driver. See LEP-1234 for more
# information.
#
#hibernate.jdbc.batch_size=0
hibernate.jdbc.batch_size=20
#
# Set other miscellaneous Hibernate properties.
#
hibernate.jdbc.use_scrollable_resultset=true
hibernate.bytecode.use_reflection_optimizer=true
hibernate.show_sql=false
#
# Use the classic query factory until WebLogic and Hibernate 3 can get
# along. See http://www.hibernate.org/250.html#A23 for more information.
#
hibernate.query.factory_class=org.hibernate.hql.classic.ClassicQueryTranslatorFactory
#
# Set this property to true to enable Hibernate cache monitoring. See
# LPS-2056 for more information.
#
hibernate.generate_statistics=false
##
## JDBC
##
#
# Set the JNDI name to lookup the JDBC data source. If none is set,
# then the portal will attempt to create the JDBC data source based on the
# properties prefixed with "jdbc.default.".
#
#jdbc.default.jndi.name=jdbc/LiferayPool
#
# Set the properties used to create the JDBC data source. These properties
# will only be read if the property "jdbc.default.jndi.name" is not set.
#
# The default settings are configured for an in-memory database called
# Hypersonic that is not recommended for production use. Please change the
# properties to use another database.
#
# Add dynamic-data-source-spring.xml to the property "spring.configs" to
# configure the portal to use one database cluster for read calls and
# another database cluster for write calls. The convention is to create a
# set of properties prefixed with "jdbc.read." to handle read calls and
# another set of properties prefixed with "jdbc.write." to handle write
# calls. These data sources can also be created via JNDI by setting the
# properties "jdbc.read.jndi.name" and "jdbc.write.jndi.name". Note that
# these settings, though separate, are a copy of the default settings with
# the newly overridden values.
#
#
# DB2
#
#jdbc.default.driverClassName=com.ibm.db2.jcc.DB2Driver
#jdbc.default.url=jdbc:db2://localhost:50000/lportal:deferPrepares=false;fullyMaterializeInputStreams=true;fullyMaterializeLobData=true;progresssiveLocators=2;progressiveStreaming=2;
#jdbc.default.username=db2admin
#jdbc.default.password=lportal
#
# Derby
#
#jdbc.default.driverClassName=org.apache.derby.jdbc.EmbeddedDriver
#jdbc.default.url=jdbc:derby:lportal
#jdbc.default.username=
#jdbc.default.password=
#
# Hypersonic
#
jdbc.default.driverClassName=org.hsqldb.jdbcDriver
jdbc.default.url=jdbc:hsqldb:${liferay.home}/data/hsql/lportal
jdbc.default.username=sa
jdbc.default.password=
#
# Ingres
#
#jdbc.default.driverClassName=com.ingres.jdbc.IngresDriver
#jdbc.default.url=jdbc:ingres://localhost:II7/lportal
#jdbc.default.username=
#jdbc.default.password=
#
# MySQL
#
#jdbc.default.driverClassName=com.mysql.jdbc.Driver
#jdbc.default.url=jdbc:mysql://localhost/lportal?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
#jdbc.default.username=
#jdbc.default.password=
#
# Oracle
#
#jdbc.default.driverClassName=oracle.jdbc.driver.OracleDriver
#jdbc.default.url=jdbc:oracle:thin:@localhost:1521:xe
#jdbc.default.username=lportal
#jdbc.default.password=lportal
#
# P6Spy
#
#jdbc.default.driverClassName=com.p6spy.engine.spy.P6SpyDriver
#jdbc.default.url=jdbc:mysql://localhost/lportal?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
#jdbc.default.username=
#jdbc.default.password=
#
# PostgreSQL
#
#jdbc.default.driverClassName=org.postgresql.Driver
#jdbc.default.url=jdbc:postgresql://localhost:5432/lportal
#jdbc.default.username=sa
#jdbc.default.password=
#
# SQL Server
#
#jdbc.default.driverClassName=net.sourceforge.jtds.jdbc.Driver
#jdbc.default.url=jdbc:jtds:sqlserver://localhost/lportal
#jdbc.default.username=sa
#jdbc.default.password=
#
# Sybase
#
#jdbc.default.driverClassName=net.sourceforge.jtds.jdbc.Driver
#jdbc.default.url=jdbc:jtds:sybase://localhost:5000/lportal
#jdbc.default.username=sa
#jdbc.default.password=
#
# Liferay can use C3PO, DBCP, or Tomcat for connection pooling. See
# com.liferay.portal.dao.jdbc.util.DataSourceFactoryBean for the actual
# implementation. It is important to understand the strengths and weaknesses
# of each provider so that you can choose the best one that fits your
# deployment scenario. Provider specific properties can also be passed along
# directly to the provider. For example, the property
# "jdbc.default.acquireIncrement" is read by C3PO, and the property
# "jdbc.default.maxActive" is read by DBCP.
#
# The default provider is C3PO.
#
jdbc.default.liferay.pool.provider=c3po
#jdbc.default.liferay.pool.provider=dbcp
#jdbc.default.liferay.pool.provider=hikaricp
#jdbc.default.liferay.pool.provider=tomcat
#
# The following properties will be read by C3PO if Liferay is configured to
# use C3PO in the property "jdbc.default.liferay.pool.provider". See
# http://www.mchange.com/projects/c3p0/index.html#configuration for a list
# of additional fields used by C3PO for configuring database connections.
#
jdbc.default.acquireIncrement=5
jdbc.default.acquireRetryAttempts=3
jdbc.default.acquireRetryDelay=1000
jdbc.default.connectionCustomizerClassName=com.liferay.portal.dao.jdbc.pool.c3p0.PortalConnectionCustomizer
jdbc.default.idleConnectionTestPeriod=60
jdbc.default.maxIdleTime=3600
jdbc.default.maxPoolSize=100
jdbc.default.minPoolSize=10
jdbc.default.numHelperThreads=10
#jdbc.default.transactionIsolation=1
#
# The following properties will be read by HikariCP if Liferay is configured
# to use HikariCP in the property "jdbc.default.liferay.pool.provider". See
# https://github.com/brettwooldridge/HikariCP for a list of additional
# fields used by HikariCP for configuring database connections.
#
# HikariCP recommends to also tune database settings. See
# https://github.com/brettwooldridge/HikariCP/wiki for additional setting
# details for database.
#
#jdbc.default.autoCommit=true
jdbc.default.connectionTimeout=30000
#jdbc.default.hikariConnectionCustomizerClassName=
jdbc.default.idleTimeout=600000
jdbc.default.maximumPoolSize=100
jdbc.default.maxLifetime=0
#jdbc.default.minimumIdle=10
jdbc.default.registerMbeans=true
#
# The following properties will be read by both DBCP and Tomcat JDBC
# Connection Pool if Liferay is configured to use DBCP or Tomcat JDBC
# Connection Pool in the property "jdbc.default.liferay.pool.provider". See
# http://commons.apache.org/dbcp/configuration.html and
# http://people.apache.org/~fhanik/jdbc-pool/jdbc-pool.html for a list of
# additional fields used by DBCP or Tomcat JDBC Connection Pool for
# configuring database connections.
#
#jdbc.default.defaultTransactionIsolation=READ_UNCOMMITTED
jdbc.default.maxActive=100
jdbc.default.minIdle=10
jdbc.default.removeAbandonedTimeout=3600
#
# The following properties will be read by Tomcat JDBC Connection Pool if
# Liferay is configured to use Tomcat JDBC Connection Pool in the property
# "jdbc.default.liferay.pool.provider". See
# http://people.apache.org/~fhanik/jdbc-pool/jdbc-pool.html for a list of
# additional fields used by Tomcat JDBC Connection Pool for configuring
# database connections.
#
jdbc.default.jdbcInterceptors=org.apache.tomcat.jdbc.pool.interceptor.ConnectionState
jdbc.default.jmxEnabled=true
jdbc.default.fairQueue=true
jdbc.default.timeBetweenEvictionRunsMillis=30000
jdbc.default.useEquals=false
##
## Custom SQL
##
#
# Set this property to true to automatically escape wildcards to literal
# values.
#
custom.sql.auto.escape.wildcards.enabled=false
#
# Input a list of comma delimited custom SQL configurations.
#
custom.sql.configs=custom-sql/default.xml
#
# Some databases do not recognize a NULL IS NULL check. Set the
# "custom.sql.function.isnull" and "custom.sql.function.isnotnull"
# properties for your specific database.
#
# There is no need to manually set these properties because
# com.liferay.portal.spring.PortalHibernateConfiguration already sets it.
# However, these properties are available so that you can see how you can
# override it for a database that PortalHibernateConfiguration does not yet
# know how to auto configure.
#
#
# DB2
#
#custom.sql.function.isnull=CAST(? AS VARCHAR(32672)) IS NULL
#custom.sql.function.isnotnull=CAST(? AS VARCHAR(32672)) IS NOT NULL
#
# MySQL (for testing only)
#
#custom.sql.function.isnull=IFNULL(?, '1') = '1'
#custom.sql.function.isnotnull=IFNULL(?, '1') = '0'
#
# Sybase
#
#custom.sql.function.isnull=CONVERT(VARCHAR,?) IS NULL
#custom.sql.function.isnotnull=CONVERT(VARCHAR,?) IS NOT NULL
##
## Database
##
#
# Set this property to true to update database indexes on startup. This will
# ensure that all necessary indexes are added and that unnecessary indexes
# are removed. Only indexes that have names that match "LIFERAY_" OR "IX_"
# will be updated. Make sure that your custom indexes do not match the
# Liferay pattern to ensure that your custom indexes are not removed as
# unnecessary indexes.
#
database.indexes.update.on.startup=false
#
# Specify any database vendor specific settings.
#
#
# MySQL
#
#
# Set the MySQL engine type. InnoDB is the recommended engine because it
# provides transactional integrity.
#
database.mysql.engine=InnoDB
##
## Transaction
##
#
# Set the transaction isolation level for the Counter service. See
# "transaction.isolation.portal" for more information. The preferred value
# is 8 when the transaction manager supports it. If the transaction manager
# does not support it, set this to -1 to use the database's default
# isolation level.
#
transaction.isolation.counter=2
#
# Set the definition of the "portal" transaction isolation level. The
# "portal" transaction isolation level is not a real isolation level. It is
# just a pointer to a real isolation level that can be configured by setting
# this property. Set the value to -1 to use the database's default isolation
# level. Set the value to 2 to use "read committed". Set the value to 1 to
# use "read uncommitted". Set the value to 4 to use "repeatable read". Set
# the value to 8 to use "serializable".
#
transaction.isolation.portal=2
#
# Set the transaction manager. It must be a class that extends
# org.springframework.transaction.support.AbstractPlatformTransactionManager.
#
# The application server specific transaction managers provide XA
# transactions by leveraging application server specific data sources and
# thus require additional application server specific configuration. You
# should not modify this unless you know what you're doing.
#
transaction.manager.impl=com.liferay.portal.spring.hibernate.LastSessionRecorderHibernateTransactionManager
#transaction.manager.impl=org.springframework.transaction.jta.JtaTransactionManager
#transaction.manager.impl=org.springframework.transaction.jta.OC4JJtaTransactionManager
#transaction.manager.impl=org.springframework.transaction.jta.WebLogicJtaTransactionManager
#transaction.manager.impl=org.springframework.transaction.jta.WebSphereUowTransactionManager
#
# Additional properties that follow the pattern
# "transaction.manager.property.*" will be read to call the setters on the
# transaction manager. For example, the property
# "transaction.manager.property.globalRollbackOnParticipationFailure", will
# call the setter "setGlobalRollbackOnParticipationFailure" on the
# transaction manager. The list of available setters depends on the
# implementation specified in the property "transaction.manager.impl".
#
# "allowCustomIsolationLevels" should be set to true when using the
# JtaTransactionManager.
#
#transaction.manager.property.allowCustomIsolationLevels=true
transaction.manager.property.globalRollbackOnParticipationFailure=false
##
## Transactional Cache
##
#
# Set this property to true to enable transactional cache. When enabled,
# changes to caches take effect when transaction commits successfully.
# Caches rollback when transactions rollback.
#
transactional.cache.enable=true
#
# Set a list of comma delimited transactional portal cache names. The "?"
# character represents a single character wildcard. The "*" symbol character
# a multiple character wildcard. The "%" character is used to escape
# characters.
#
transactional.cache.names=com.liferay.portal.kernel.dao.orm.EntityCache*,com.liferay.portal.kernel.dao.orm.FinderCache*,com.liferay.portal.service.persistence.impl.TableMapper-*,com.liferay.portlet.PortalPreferencesWrapperCacheUtil
##
## Sharded Databases
##
#
# Set the database that is to be used for the default company and globally
# used tables in a sharded environment.
#
shard.default.name=default
#
# Specify an algorithm for selecting a new shard on portal instance
# creation. Use ManualShardSelector for shard selection via the web
# interface.
#
shard.selector=com.liferay.portal.dao.shard.RoundRobinShardSelector
#shard.selector=com.liferay.portal.dao.shard.ManualShardSelector
##
## Ehcache
##
#
# Set the classpath to the location of the Ehcache config file for internal
# caches. Edit the file specified in the property
# "ehcache.multi-vm.config.location" to enable clustered cache.
#
ehcache.single.vm.config.location=/ehcache/liferay-single-vm.xml
ehcache.multi.vm.config.location=/ehcache/liferay-multi-vm-clustered.xml
#
# Uncomment the following in a clustered environment.
#
ehcache.multi.vm.config.location.peerProviderProperties=peerDiscovery=automatic,multicastGroupAddress=${multicast.group.address["multi-vm"]},multicastGroupPort=${multicast.group.port["multi-vm"]},timeToLive=1
#
# Set this to true to enable the Ehcache bootstrap cache loader.
#
ehcache.bootstrap.cache.loader.enabled=false
#
# Input a class name that extends
# net.sf.ehcache.bootstrap.BootstrapCacheLoaderFactory. This class is used
# by Ehcache to determine how caches communicate with each other in a
# clustered environment.
#
ehcache.bootstrap.cache.loader.factory=net.sf.ehcache.distribution.RMIBootstrapCacheLoaderFactory
#ehcache.bootstrap.cache.loader.factory=com.liferay.portal.cache.ehcache.JGroupsBootstrapCacheLoaderFactory
#
# Input a class name that extends
# net.sf.ehcache.event.CacheEventListenerFactory. This class is used by
# Ehcache to determine how caches communicate with each other in a clustered
# environment.
#
ehcache.cache.event.listener.factory=com.liferay.portal.cache.ehcache.RMICacheReplicatorFactory
#ehcache.cache.event.listener.factory=net.sf.ehcache.distribution.jgroups.JGroupsCacheReplicatorFactory
#
# Input a class name that extends
# net.sf.ehcache.distribution.CacheManagerPeerListenerFactory. This class is
# used by Ehcache to determine how caches communicate with each other in a
# clustered environment.
#
ehcache.cache.manager.peer.listener.factory=net.sf.ehcache.distribution.RMICacheManagerPeerListenerFactory
#
# Input a class name that extends
# net.sf.ehcache.distribution.CacheManagerPeerProviderFactory. This class is
# used by Ehcache to determine how caches communicate with each other in a
# clustered environment.
#
ehcache.cache.manager.peer.provider.factory=net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory
#ehcache.cache.manager.peer.provider.factory=net.sf.ehcache.distribution.jgroups.JGroupsCacheManagerPeerProviderFactory
#
# The Ehcache cache manager internally maintains a scheduled thread pool
# executor for statistics. The default size of the scheduled thread pool
# executor is set to the number of CPUs. This is too heavy for a server with
# a lot of processors. Set this property to reduce the scheduled thread pool
# size.
#
ehcache.cache.manager.statistics.thread.pool.size=1
#
# Set this to true to enable JMX integration in
# com.liferay.portal.cache.EhcachePortalCacheManager. Set this to false if
# the portal needs to be reloaded under WebSphere.
#
ehcache.portal.cache.manager.jmx.enabled=true
#
# Set this to true to allow Ehcache to use blocking caches. This improves
# performance significantly by locking on keys instead of the entire cache.
# The drawback is that threads can hang if the cache is not used properly.
# Make sure that all queries that return a miss also immediately populate
# the cache, or else other threads that are blocked on a query of that same
# key will continue to hang. Reference Ehcache's BlockingCache for more
# information. The blocking cache is no longer implemented by Ehcache's
# BlockingCache, but by Liferay's BlockingPortalCache for better safety and
# faster performance.
#
# Blocking cache together with transactional cache performs poorly, because
# transactional cache affects the cache population visibility across
# transactions. When transactional cache is on, blocking cache most likely
# does nothing useful unless the transaction window time is short. When
# transactional cache is off, it is better to turn on blocking cache for
# better database access performance.
#
ehcache.blocking.cache.allowed=false
#
# Set the socket timeout in milliseconds.
#
ehcache.socket.so.timeout=10000
#
# Set the start port for Ehcache socket. The port number will increase by 1
# until it finds an unused port.
#
ehcache.socket.start.port=32454
##
## JavaScript
##
#
# Set a list of JavaScript files that will be loaded automatically in
# /html/common/themes/top_js.jsp.
#
# There are two lists of files specified in the properties
# "javascript.barebone.files" and "javascript.everything.files".
#
# As the name suggests, the barebone list is the minimum list of JavaScript
# files required for most cases. The everything list includes everything
# else not listed in the barebone list.
#
# The two lists of files exist for performance reasons because
# unauthenticated users usually do not utilize all the JavaScript that is
# available. See the property "javascript.barebone.enabled" for more
# information on the logic of when the barebone list is used and when the
# everything list is used and how to customize that logic.
#
# The list of files are also merged and packed for further performance
# improvements. See the property "javascript.fast.load" for more details.
#
#
# Specify the list of barebone files.
#
# The ordering of the JavaScript files is important.
#
# The Liferay scripts are grouped in such a way, that the first grouping
# denotes utility scripts that are used by the second and third groups. The
# second grouping denotes utility classes that rely on the first group, but
# does not rely on the second or third group. The third grouping denotes
# modules that rely on the first and second group.
#
javascript.barebone.files=\
\
#
# jQuery core
#
\
jquery/jquery.js,\
\
#
# Lodash core
#
\
lodash/lodash.js,\
\
#
# YUI core
#
\
aui/aui/aui.js,\
aui/aui-base-html5-shiv/aui-base-html5-shiv.js,\
\
#
# Liferay module definitions
#
\
liferay/browser_selectors.js,\
liferay/modules.js,\
\
#
# AUI sandbox
#
\
liferay/aui_sandbox.js,\
\
#
# jQuery plugins
#
\
jquery/fm.js,\
jquery/form.js,\
\
#
# Lodash plugins
#
\
lodash/util.js,\
\
#
# YUI modules
#
\
aui/arraylist-add/arraylist-add.js,\
aui/arraylist-filter/arraylist-filter.js,\
aui/arraylist/arraylist.js,\
aui/array-extras/array-extras.js,\
aui/array-invoke/array-invoke.js,\
aui/attribute-base/attribute-base.js,\
aui/attribute-complex/attribute-complex.js,\
aui/attribute-core/attribute-core.js,\
aui/attribute-observable/attribute-observable.js,\
aui/attribute-extras/attribute-extras.js,\
aui/base-base/base-base.js,\
aui/base-pluginhost/base-pluginhost.js,\
aui/classnamemanager/classnamemanager.js,\
aui/datatype-xml-format/datatype-xml-format.js,\
aui/datatype-xml-parse/datatype-xml-parse.js,\
aui/dom-base/dom-base.js,\
aui/dom-core/dom-core.js,\
aui/dom-screen/dom-screen.js,\
aui/dom-style/dom-style.js,\
aui/event-base/event-base.js,\
aui/event-custom-base/event-custom-base.js,\
aui/event-custom-complex/event-custom-complex.js,\
aui/event-delegate/event-delegate.js,\
aui/event-focus/event-focus.js,\
aui/event-hover/event-hover.js,\
aui/event-key/event-key.js,\
aui/event-mouseenter/event-mouseenter.js,\
aui/event-mousewheel/event-mousewheel.js,\
aui/event-outside/event-outside.js,\
aui/event-resize/event-resize.js,\
aui/event-simulate/event-simulate.js,\
aui/event-synthetic/event-synthetic.js,\
aui/intl/intl.js,\
aui/io-base/io-base.js,\
aui/io-form/io-form.js,\
aui/io-queue/io-queue.js,\
aui/io-upload-iframe/io-upload-iframe.js,\
aui/io-xdr/io-xdr.js,\
aui/json-parse/json-parse.js,\
aui/json-stringify/json-stringify.js,\
aui/node-base/node-base.js,\
aui/node-core/node-core.js,\
aui/node-event-delegate/node-event-delegate.js,\
aui/node-event-simulate/node-event-simulate.js,\
aui/node-focusmanager/node-focusmanager.js,\
aui/node-pluginhost/node-pluginhost.js,\
aui/node-screen/node-screen.js,\
aui/node-style/node-style.js,\
aui/oop/oop.js,\
aui/plugin/plugin.js,\
aui/pluginhost-base/pluginhost-base.js,\
aui/pluginhost-config/pluginhost-config.js,\
aui/querystring-stringify-simple/querystring-stringify-simple.js,\
aui/queue-promote/queue-promote.js,\
aui/selector-css2/selector-css2.js,\
aui/selector-css3/selector-css3.js,\
aui/selector-native/selector-native.js,\
aui/selector/selector.js,\
aui/widget-base/widget-base.js,\
aui/widget-htmlparser/widget-htmlparser.js,\
aui/widget-skin/widget-skin.js,\
aui/widget-uievents/widget-uievents.js,\
aui/yui-throttle/yui-throttle.js,\
\
#
# Alloy core
#
\
aui/aui-base-core/aui-base-core.js,\
aui/aui-base-lang/aui-base-lang.js,\
\
#
# Alloy modules
#
\
aui/aui-classnamemanager/aui-classnamemanager.js,\
aui/aui-component/aui-component.js,\
aui/aui-debounce/aui-debounce.js,\
aui/aui-delayed-task-deprecated/aui-delayed-task-deprecated.js,\
aui/aui-event-base/aui-event-base.js,\
aui/aui-event-input/aui-event-input.js,\
aui/aui-form-validator/aui-form-validator.js,\
aui/aui-node-base/aui-node-base.js,\
aui/aui-node-html5/aui-node-html5.js,\
aui/aui-selector/aui-selector.js,\
aui/aui-timer/aui-timer.js,\
\
#
# Liferay base utility scripts
#
\
liferay/dependency.js,\
liferay/events.js,\
liferay/language.js,\
liferay/liferay.js,\
liferay/util.js,\
\
#
# Liferay utility scripts
#
\
liferay/portal.js,\
liferay/portlet.js,\
liferay/portlet_sharing.js,\
liferay/workflow.js,\
\
#
# Liferay modules
#
\
liferay/form.js,\
liferay/form_placeholders.js,\
liferay/icon.js,\
liferay/menu.js,\
liferay/notice.js,\
liferay/poller.js
#
# Specify the list of everything files (everything else not already in the
# list of barebone files).
#
javascript.everything.files=\
\
#
# YUI modules
#
\
aui/async-queue/async-queue.js,\
aui/base-build/base-build.js,\
aui/cookie/cookie.js,\
aui/event-touch/event-touch.js,\
aui/overlay/overlay.js,\
aui/querystring-stringify/querystring-stringify.js,\
aui/widget-child/widget-child.js,\
aui/widget-position-align/widget-position-align.js,\
aui/widget-position-constrain/widget-position-constrain.js,\
aui/widget-position/widget-position.js,\
aui/widget-stack/widget-stack.js,\
aui/widget-stdmod/widget-stdmod.js,\
\
#
# Alloy modules
#
\
aui/aui-aria/aui-aria.js,\
aui/aui-io-plugin-deprecated/aui-io-plugin-deprecated.js,\
aui/aui-io-request/aui-io-request.js,\
aui/aui-loading-mask-deprecated/aui-loading-mask-deprecated.js,\
aui/aui-overlay-base-deprecated/aui-overlay-base-deprecated.js,\
aui/aui-overlay-context-deprecated/aui-overlay-context-deprecated.js,\
aui/aui-overlay-manager-deprecated/aui-overlay-manager-deprecated.js,\
aui/aui-overlay-mask-deprecated/aui-overlay-mask-deprecated.js,\
aui/aui-parse-content/aui-parse-content.js,\
\
#
# Liferay modules
#
\
liferay/address.js,\
liferay/dockbar.js,\
liferay/layout_exporter.js,\
liferay/session.js,\
\
#
# Deprecated JS
#
\
liferay/deprecated.js
#
# Set this property to false to always load JavaScript files listed in the
# property "javascript.everything.files". Set this to true to sometimes
# load "javascript.barebone.files" and sometimes load
# "javascript.everything.files".
#
# The default logic is coded in com.liferay.portal.events.ServicePreAction
# in such a way that unauthenticated users get the list of barebone
# JavaScript files whereas authenticated users get both the list of barebone
# JavaScript files and the list of everything JavaScript files.
#
javascript.barebone.enabled=true
#
# Set this property to true to load the packed version of files listed in
# the properties "javascript.barebone.files" or
# "javascript.everything.files".
#
# Set this property to false for easier debugging for development. You can
# also disable fast loading by setting the URL parameter "js_fast_load" to
# "0".
#
javascript.fast.load=true
#
# Input a list of comma delimited properties that are valid bundle IDs for
# the JavaScript minifier.
#
javascript.bundle.ids=\
javascript.barebone.files,\
javascript.everything.files
#
# Define a bundle directory for each property listed in
# "javascript.bundle.ids".
#
javascript.bundle.dir[javascript.barebone.files]=/html/js
javascript.bundle.dir[javascript.everything.files]=/html/js
#
# Define the bundle dependencies using any property listed in
# "javascript.bundle.ids".
#
javascript.bundle.dependencies[javascript.everything.files]=javascript.barebone.files
#
# Set this to true to enable the display of JavaScript logging.
#
javascript.log.enabled=false
#
# Set this to true to enable Single Page Application links.
#
javascript.single.page.application.enabled=true
##
## SQL Data
##
#
# Set the default SQL IDs for common objects.
#
sql.data.com.liferay.portal.model.Country.country.id=19
sql.data.com.liferay.portal.model.Region.region.id=5
sql.data.com.liferay.portal.model.ListType.account.address=10000
sql.data.com.liferay.portal.model.ListType.account.email.address=10004
sql.data.com.liferay.portal.model.ListType.contact.email.address=11003
sql.data.com.liferay.portal.model.ListType.organization.status=12017
#
# Set the maximum parameters that a SQL transaction query can contain. Some
# databases do not allow for more than 2000 parameters in a query.
#
sql.data.max.parameters=1000
##
## Weblogic
##
#
# Set the strategy for non-serializable wrapping on Weblogic. If set to
# true, the wrapping is done for all objects. If set to false, no wrapping
# is done, but Weblogic must be configured not serializae request
# attributes.
#
weblogic.request.wrap.non.serializable=true
##
## Company
##
company.default.name=Liferay
#
# This sets the default web ID. Omniadmin users must belong to the company
# with this web ID.
#
company.default.web.id=liferay.com
#
# This sets the default home URL of the portal.
#
company.default.home.url=/web/guest
#
# This sets the default locale of the portal, overriding the properties
# "user.language" and "user.country" specified in system.properties.
#
#company.default.locale=en_US
#
# This sets the default time zone of the portal.
#
company.default.time.zone=UTC
#
# Set this to the appropriate encryption algorithm to be used for
# company level encryption algorithms (except password encryption which is
# defined via the property "passwords.encryption.algorithm").
#
# If you change this setting, you may need to also change the property
# "company.encryption.key.size" to configure the desired encryption key
# size.
#
# For more details about encryption keys, see the Java Cryptography
# Extension documentation.
#
company.encryption.algorithm=AES
#company.encryption.algorithm=Blowfish
#company.encryption.algorithm=DES
#company.encryption.algorithm=DESede
#
# Set this to define the size used for the company wide encryption key. If
# you change this setting, you may need to also change the property
# "company.encryption.algorithm" to ensure the algorithm supports your key
# size. Most encryption algorithm implementations do not support key sizes
# stronger than 128. Only those with unlimited strength cryptography support
# stronger keys.
#
# For more details about supported key sizes for encryption keys, see
# the Java Cryptography Extension documentation.
#
#company.encryption.key.size=56
company.encryption.key.size=128
#company.encryption.key.size=168
#company.encryption.key.size=256
#company.encryption.key.size=384
#company.encryption.key.size=512
#
# The login field is prepopulated with the company's domain name if the
# login is unpopulated and user authentication is based on email addresses.
# Set this to false to disable the behavior.
#
company.login.prepopulate.domain=true
#
# The portal can authenticate users based on their email address, screen
# name, or user ID.
#
company.security.auth.type=emailAddress
#company.security.auth.type=screenName
#company.security.auth.type=userId
#
# Set this to true to ensure users login with https. If this is set to true
# and you want your HTTP session to contain your credentials after logging
# in, then the property "session.enable.phishing.protection" must be set to
# false or your credentials will only be available in the HTTPS session.
#
company.security.auth.requires.https=false
#
# Set this to true to allow users to select the "remember me" feature to
# automatically login to the portal.
#
company.security.auto.login=true
#
# Set this to the maximum age (in number of seconds) of the browser cookie
# that enables the "remember me" feature. A value of 31536000 signifies
# lifespan of one year. A value of -1 signifies a lifespan of a browser
# session.
#
# Rather than setting this to 0, set the property
# "company.security.auto.login" to false to disable the "remember me"
# feature.
#
company.security.auto.login.max.age=31536000
#
# Set this to true to allow users to autocomplete the login form based on
# their previously entered values.
#
company.security.login.form.autocomplete=true
#
# Set this to true to allow users to autocomplete the reminder query form
# based on their previously entered values.
#
company.security.password.reminder.query.form.autocomplete=true
#
# Set this to true to allow users to ask the portal to send them their
# password.
#
company.security.send.password=true
#
# Set this to true to allow users to ask the portal to send them a password
# reset link.
#
company.security.send.password.reset.link=true
#
# Set this to true to allow strangers to create accounts and register
# themselves on the portal.
#
company.security.strangers=true
#
# Enter a friendly URL of a page that will be used to create new accounts
# whenever the user clicks the "create account" link in the login portlet.
# This allows providing custom portlets to create accounts. By default, the
# portal's create account will be used.
#
#company.security.strangers.url=/create_account
#
# Set this to true if strangers can create accounts with email addresses
# that match the company mail suffix. This property is not used unless
# "company.security.strangers" is also set to true.
#
company.security.strangers.with.mx=true
#
# Set this to true if strangers who create accounts need to be verified via
# email.
#
company.security.strangers.verify=false
#
# Set this to true to allow site administrators to use their own logo
# instead of the enterprise logo.
#
company.security.site.logo=true
#
# Input a list of sections that will be included as part of the company
# settings form.
#
company.settings.form.configuration=general,authentication,users,mail-host-names,email-notifications,content-sharing
#company.settings.form.configuration=general,authentication,users,mail-host-names,email-notifications,content-sharing,recycle-bin
company.settings.form.identification=addresses,phone-numbers,additional-email-addresses,websites
company.settings.form.miscellaneous=display-settings,analytics,maps,ratings
company.settings.form.social=interactions
#
# Input a list of sections that will be included as part of the company
# authentication settings form.
#
company.settings.form.authentication=general,ldap,cas,facebook,ntlm,open-id,open-sso,siteminder
##
## Users
##
#
# Set this to false if users cannot be deleted.
#
users.delete=true
#
# Set this to true when you want the validation to allow for creation of
# numeric screen names.
#
# If this property is set to true, not all numeric values are allowed. The
# friendly URL for a user is its screen name. The friendly URL for a group
# is its group ID. The two are not allowed to be the same.
#
users.screen.name.allow.numeric=false
#
# Set this to true to always autogenerate user screen names even if the user
# gives a specific user screen name. If this is set to true, the LDAP
# importer will fetch users by their email address even if the property
# "company.security.auth.type" is set to screenName.
#
users.screen.name.always.autogenerate=false
#
# Input a class name that implements
# com.liferay.portal.security.auth.ScreenNameGenerator. This class will be
# called to generate user screen names.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#users.screen.name.generator=com.liferay.portal.security.auth.DefaultScreenNameGenerator
#
# Input a class name that implements
# com.liferay.portal.security.auth.ScreenNameValidator. This class will be
# called to validate user screen names.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#users.screen.name.validator=com.liferay.portal.security.auth.DefaultScreenNameValidator
#users.screen.name.validator=com.liferay.portal.security.auth.LiberalScreenNameValidator
#
# Set this to false if you want to be able to create users without an email
# address. An email address will be automatically assigned to a user based
# on the property "users.email.address.auto.suffix".
#
users.email.address.required=true
#
# Set the suffix of the email address that will be automatically generated
# for a user that does not have an email address. This property is not used
# unless the property "users.email.address.required" is set to false. The
# autogenerated email address will be the user ID plus the specified suffix.
#
users.email.address.auto.suffix=@no-emailaddress.com
#
# Input a class name that implements
# com.liferay.portal.security.auth.EmailAddressGenerator. This class will be
# called to generate an email address for a user that does not specify an
# email address. This class will only be used if the property
# "users.email.address.required" is set to false.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#users.email.address.generator=com.liferay.portal.security.auth.DefaultEmailAddressGenerator
#
# Input a class name that implements
# com.liferay.portal.security.auth.EmailAddressValidator. This class will be
# called to validate user email addresses.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#users.email.address.validator=com.liferay.portal.security.auth.DefaultEmailAddressValidator
#users.email.address.validator=com.liferay.portal.security.auth.LiberalEmailAddressValidator
#
# Set this to true if you want the last name to be required when creating
# users.
#
users.last.name.required=false
#
# Input a class name that implements
# com.liferay.portal.security.auth.FullNameGenerator. This class will be
# called to generate a full name from the user's first, middle, and last
# names.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#users.full.name.generator=com.liferay.portal.security.auth.DefaultFullNameGenerator
#users.full.name.generator=com.liferay.portal.security.auth.FamilyNameFirstFullNameGenerator
#
# Input a class name that implements
# com.liferay.portal.security.auth.FullNameValidator. This class will be
# called to validate the user's first, middle, and last names.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#users.full.name.validator=com.liferay.portal.security.auth.DefaultFullNameValidator
#
# Set this to true to check the image token before displaying it.
#
users.image.check.token=true
#
# Set the maximum file size for user portraits. A value
# of 0 for the maximum file size can be used to indicate unlimited file
# size. However, the maximum file size allowed is set in the property
# "com.liferay.portal.upload.UploadServletRequestImpl.max.size".
#
users.image.max.size=307200
#
# Set the maximum user portrait height and width in pixels. A value of 0
# indicates no restrictions on user portrait dimensions.
#
users.image.max.height=120
users.image.max.width=100
# Set this to true to record last login information for a user.
#
users.update.last.login=true
#
# Input a list of sections that will be included as part of the user form
# when adding a user.
#
users.form.add.main=details,organizations,personal-site
users.form.add.identification=
users.form.add.miscellaneous=
#
# Input a list of sections that will be included as part of the user form
# when updating a user.
#
users.form.update.main=details,password,organizations,sites,user-groups,roles,personal-site,categorization
users.form.update.identification=addresses,phone-numbers,additional-email-addresses,websites,instant-messenger,social-network,sms,open-id
users.form.update.miscellaneous=announcements,display-settings,comments,custom-fields
#
# Input a list of sections that will be included as part of the user form
# when updating a user in the My Account portlet.
#
users.form.my.account.main=details,password,organizations,sites,user-groups,roles,categorization
users.form.my.account.identification=addresses,phone-numbers,additional-email-addresses,websites,instant-messenger,social-network,sms,open-id
users.form.my.account.miscellaneous=announcements,display-settings,comments,custom-fields
#
# Set the allowed user list views.
#
users.list.views=tree,flat-user-groups
#
# Set this to true to enable reminder queries that are used to help reset a
# user's password.
#
users.reminder.queries.enabled=true
users.reminder.queries.custom.question.enabled=true
#
# Set this to false to enable users without a reminder query to reset their
# password.
#
users.reminder.queries.required=false
#
# Input a list of questions used for reminder queries.
#
users.reminder.queries.questions=what-is-your-primary-frequent-flyer-number,what-is-your-library-card-number,what-was-your-first-phone-number,what-was-your-first-teacher's-name,what-is-your-father's-middle-name
#
# Set this to false to disable the user indexer.
#
users.indexer.enabled=true
#
# Set this to true to search users from the index. Set this to false to
# search users from the database. Note that setting this to false will
# disable the ability to search users based on Expando attributes. This
# setting is not used unless the property "users.indexer.enabled" is set
# to true.
#
users.search.with.index=true
#
# Set a property with the prefix "users.update.user.name." and a suffix
# with the class name that should be updated whenever a user's name has
# changed.
#
users.update.user.name.com.liferay.portlet.messageboards.model.MBMessage=true
#
# Input a list of user attributes that will be included when exporting users
# to a CSV file. You can include custom fields by adding the prefix
# "expando:" to the attribute name.
#
users.export.csv.fields=fullName,emailAddress
#
# Set the friendly URL to a user's profile page. If none is specified, the
# portal will query the user's first public page at runtime.
#
# The following variables can be used: ${liferay:screenName} and
# ${liferay:userId}.
#
#users.profile.friendly.url=/web/${liferay:screenName}/profile
#
# Set the maximum number of organizations, roles, and user groups to display
# for each user in the user's administration search container.
#
users.admin.organization.column.limit=50
users.admin.role.column.limit=50
users.admin.user.group.column.limit=50
##
## Groups and Roles
##
#
# Input a list of comma delimited system group names that will exist in
# addition to the standard system groups. When the server starts, the portal
# checks to ensure all system groups exist. Any missing system group will be
# created by the portal.
#
system.groups=
#
# Input a list of comma delimited system role names that will exist in
# addition to the standard system roles. When the server starts, the portal
# checks to ensure all system roles exist. Any missing system role will be
# created by the portal.
#
# The standard system roles are: Administrator, Guest, Power User, and User.
# These roles cannot be removed or renamed.
#
system.roles=
#
# Set the description of the Administrator system role.
#
system.role.Administrator.description=Administrators are super users who can do anything.
#
# Set the description of the Guest system role.
#
system.role.Guest.description=Unauthenticated users always have this role.
#
# Set the description of the Owner system role.
#
system.role.Owner.description=This is an implied role with respect to the objects users create.
#
# Set the description of the Power User system role.
#
system.role.Power.User.description=Power Users have their own personal site.
#
# Set the description of the User system role.
#
system.role.User.description=Authenticated users should be assigned this role.
#
# Input a list of comma delimited system organization role names that will
# exist in addition to the standard system organization roles. When the
# server starts, the portal checks to ensure all system organization roles
# exist. Any missing system organization role will be created by the portal.
#
# The standard system organization roles are: Organization Administrator,
# Organization Member, and Organization Owner. These roles cannot be removed
# or renamed.
#
system.organization.roles=
#
# Set the description of the Organization Administrator system organization
# role.
#
system.organization.role.Organization.Administrator.description=Organization Administrators are super users of their organization but cannot make other users into Organization Administrators.
#
# Set the description of the Organization Member system organization role.
#
system.organization.role.Organization.User.description=All users who belong to an organization have this role within that organization.
#
# Set the description of the Organization Owner system organization role.
#
system.organization.role.Organization.Owner.description=Organization Owners are super users of their organization and can assign organization roles to users.
#
# Input a list of comma delimited system site role names that will exist in
# addition to the standard system site roles. When the server starts, the
# portal checks to ensure all system site roles exist. Any missing system
# site role will be created by the portal.
#
# The standard system site roles are: Site Administrator, Site Member, and
# Site Owner. These roles cannot be removed or renamed.
#
system.site.roles=
#
# Set the description of the Site Administrator system site role.
#
system.site.role.Site.Administrator.description=Site Administrators are super users of their site but cannot make other users into Site Administrators.
#
# Set the description of the Site Member system site role.
#
system.site.role.Site.Member.description=All users who belong to a site have this role within that site.
#
# Set the description of the Site Owner system site role.
#
system.site.role.Site.Owner.description=Site Owners are super users of their site and can assign site roles to users.
#
# Omniadmin users can administer the portal's core functionality: gc,
# shutdown, etc. Omniadmin users must belong to the default company.
#
# Multiple portal instances might be deployed on one application server, but
# not all of the administrators should have access to this core
# functionality. Input the IDs of users who are omniadmin users.
#
# Leave this field blank if users who belong to the right company and have
# the Administrator role are allowed to administer the portal's core
# functionality.
#
omniadmin.users=
#
# Set this to true if all users are required to agree to the terms of use.
#
terms.of.use.required=true
#
# Specify the group ID and the article ID of the Journal article that will
# be displayed as the terms of use. The default text will be used if no
# Journal article is specified.
#
terms.of.use.journal.article.group.id=
terms.of.use.journal.article.id=
#
# Input a list of group class names that will trigger a complex SQL query to
# delegate filtering in the database tier. A group class name corresponds to
# the className column in the Group_ table. Filtering in memory at the
# application tier after a simple SQL query can be much better on
# performance.
#
groups.complex.sql.class.names=com.liferay.portal.model.User
#
# Specify subtypes of roles if you want to be able to search for roles
# using your custom criteria.
#
roles.site.subtypes=
roles.organization.subtypes=
roles.regular.subtypes=
#
# Set this to true when you want the validation to allow for creation of
# roles with numeric names.
#
roles.name.allow.numeric=false
##
## Organizations
##
organizations.types=regular-organization,location
organizations.rootable[regular-organization]=true
organizations.children.types[regular-organization]=regular-organization,location
organizations.country.enabled[regular-organization]=false
organizations.country.required[regular-organization]=false
organizations.rootable[location]=false
#organizations.children.types[location]=
organizations.country.enabled[location]=true
organizations.country.required[location]=true
#
# Input a list of sections that will be included as part of the organization
# form when adding an organization.
#
organizations.form.add.main=details,organization-site
organizations.form.add.identification=
organizations.form.add.miscellaneous=
#
# Input a list of sections that will be included as part of the organization
# form when updating an organization.
#
organizations.form.update.main=details,organization-site,categorization
organizations.form.update.identification=addresses,phone-numbers,additional-email-addresses,websites,services
organizations.form.update.miscellaneous=comments,reminder-queries,custom-fields
#
# Set this property to false if you want any administrator of an
# organization to be able to assign any user to that organization. By
# default, he will only be able to assign the users of the organizations
# and suborganizations that he can manage.
#
organizations.assignment.strict=true
#
# Set this property to true if you want users to only be members of the
# organizations to which they are assigned explicitly. By default, they will
# also become implicit members of the ancestors of those organizations.
# For example, if a user belongs to Liferay Spain, he will implicitly be a
# member of the ancestors Liferay Europe and Liferay Global and will be
# able to access their private pages.
#
organizations.membership.strict=false
#
# Set this to false to disable the organization indexer.
#
organizations.indexer.enabled=true
#
# Set this to true to search organizations from the index. Set this to false
# to search organizations from the database. Note that setting this to false
# will disable the ability to search organizations based on Expando
# attributes. This setting is not used unless the property
# "organizations.indexer.enabled" is set to true.
#
organizations.search.with.index=true
##
## User Groups
##
#
# Set this to true when you want the validation to allow for creation of
# user groups with numeric names.
#
user.groups.name.allow.numeric=false
#
# Set this to true to enable the legacy behavior of copying user group pages
# to user personal sites. This behavior is deprecated and is likely to be
# removed and replaced with a different scheme in future releases.
#
user.groups.copy.layouts.to.user.personal.site=false
#
# Set this to false to disable the user group indexer.
#
user.groups.indexer.enabled=true
#
# Set this to true to search user groups from the index. Set this to false
# to search user groups from the database. Note that setting this to false
# will disable the ability to search user groups based on Expando
# attributes. This setting is not used unless the property
# "user.groups.indexer.enabled" is set to true.
#
user.groups.search.with.index=true
##
## Membership Policies
##
#
# Set this to true to verify membership policies every time the server
# starts or when a membership policy hook is deployed.
#
membership.policy.auto.verify=false
#
# Input a class name that implements
# com.liferay.portal.security.membershippolicy.OrganizationMembershipPolicy.
# This class will be called whenever a user is added or removed from an
# organization or when a user is assigned or unassigned to a organization
# role or when a new organization is added or updated.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#membership.policy.organizations=com.liferay.portal.security.membershippolicy.DummyOrganizationMembershipPolicy
#
# Input a class name that implements
# com.liferay.portal.security.membershippolicy.RoleMembershipPolicy. This
# class will be called whenever a user is assign or unassigned from a
# regular role or when a new role is added or updated.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#membership.policy.roles=com.liferay.portal.security.membershippolicy.DummyRoleMembershipPolicy
#
# Input a class name that implements
# com.liferay.portal.security.membershippolicy.SiteMembershipPolicy. This
# class will be called whenever a user is added or removed from a site or
# when a user is assigned or unassigned to a site role or a new site is
# added or updated.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#membership.policy.sites=com.liferay.portal.security.membershippolicy.DummySiteMembershipPolicy
#membership.policy.sites=com.liferay.portal.security.membershippolicy.DefaultSiteMembershipPolicy
#
# Input a class name that implements
# com.liferay.portal.security.membershippolicy.UserGroupsMembershipPolicy.
# This class will be called whenever a user is added or removed from a user
# group or a new user group is added or updated.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#membership.policy.user.groups=com.liferay.portal.security.membershippolicy.DummyUserGroupMembershipPolicy
##
## Languages and Time Zones
##
#
# Specify the available locales. Messages corresponding to a specific
# language are specified in properties files with file names matching that
# of content/Language_*.properties. These values can also be overridden in
# properties files with file names matching that of
# content/Language-ext_*.properties. Use a comma to separate
# each entry.
#
# If there is more than one locale for the same language, the first one in
# the list will be used when a translation is requested in another locale of
# the same language but a translated value cannot be found. For example, if
# there are two locales such us pt_BR and pt_PT (in this order), any key not
# found in pt_PT will be looked for in pt_BR.
#
# Language codes follow the ISO 639-1 standard. Content for each locale must
# be UTF-8 encoded.
#
# See the following links, which specify language and country codes:
# http://www.loc.gov/standards/iso639-2/php/code_list.php
# http://userpage.chemie.fu-berlin.de/diverse/doc/ISO_3166.html
#
locales=ar_SA,eu_ES,bg_BG,ca_AD,ca_ES,zh_CN,zh_TW,hr_HR,cs_CZ,da_DK,nl_NL,nl_BE,en_US,en_GB,en_AU,et_EE,fi_FI,fr_FR,fr_CA,gl_ES,de_DE,el_GR,iw_IL,hi_IN,hu_HU,in_ID,it_IT,ja_JP,ko_KR,lo_LA,lt_LT,nb_NO,fa_IR,pl_PL,pt_BR,pt_PT,ro_RO,ru_RU,sr_RS,sr_RS_latin,sl_SI,sk_SK,es_ES,sv_SE,tr_TR,uk_UA,vi_VN
#
# Specify the locales that are in beta. Go to http://translate.liferay.com
# to participate in the translation efforts.
#
locales.beta=ar_SA,eu_ES,bg_BG,ca_AD,zh_TW,hr_HR,cs_CZ,da_DK,nl_BE,en_GB,en_AU,et_EE,gl_ES,el_GR,hi_IN,in_ID,it_IT,ko_KR,lo_LA,lt_LT,nb_NO,fa_IR,pl_PL,pt_PT,ro_RO,ru_RU,sr_RS,sr_RS_latin,sl_SI,sk_SK,sv_SE,tr_TR,uk_UA,vi_VN
#
# Specify the locales that are enabled by default.
#
locales.enabled=ca_ES,zh_CN,nl_NL,en_US,fi_FI,fr_FR,de_DE,iw_IL,hu_HU,ja_JP,pt_BR,es_ES
#
# Set this to true if unauthenticated users get their preferred language
# from the Accept-Language header. Set this to false if unauthenticated
# users get their preferred language from their company.
#
locale.default.request=false
#
# Set this to 0 if the locale is not automatically prepended to a URL. This
# means that each URL could potentially point to many different languages.
# For example, the URL http://localhost:8080/web/guest/home could then be
# viewed by users in many different languages.
#
# Set this to 1 if the locale is automatically prepended to a URL when the
# requested locale is not the default locale. This means that each URL
# points to just one language. For example, the URL
# http://localhost:8080/web/guest/home would point to the default language.
# The URL http://localhost:8080/zh/web/guest/home and
# http://localhost:8080/zh_CN/web/guest/home would both point to the Chinese
# language.
#
# In cases where the prepended locale is "zh" and not the complete locale
# "zh_CN", then the full locale returned will be based on the order in which
# the locales appear in the property "locales". If "zh_CN" appears before
# "zh_TW", then "zh" will be a short hand for "zh_TW".
#
# The default language is set in system.properties with the properties
# "user.country" and "user.language".
#
# Set this to 2 if the locale is automatically prepended to every URL. This
# means that each URL points to just one language.
#
# Set this to 3 if the locale is automatically prepended to a URL when the
# requested locale is not the default user locale. In the case of guest
# users, the behavior is the same as having a value of 1.
#
# Note that each language requires an entry in the property "locales" and a
# servlet mapping in web.xml for the I18n Servlet.
#
locale.prepend.friendly.url.style=3
#
# Set this to true to disable language translations. When a translation is
# requested for the key "first-name", instead of returning "First Name" in
# English (or in its relevant locale), it will return "first-name".
#
translations.disabled=false
#
# Specify the available time zones. The specified IDs must match those from
# the class java.util.TimeZone.
#
time.zones=\
Pacific/Midway,\
Pacific/Honolulu,\
America/Anchorage,\
America/Los_Angeles,\
America/Phoenix,\
America/Denver,\
America/Chicago,\
America/New_York,\
America/Caracas,\
America/Puerto_Rico,\
America/St_Johns,\
America/Sao_Paulo,\
America/Noronha,\
Atlantic/Azores,\
UTC,\
Europe/Lisbon,\
Europe/Paris,\
Europe/Istanbul,\
Asia/Jerusalem,\
Asia/Baghdad,\
Asia/Tehran,\
Asia/Dubai,\
Asia/Kabul,\
Asia/Karachi,\
Asia/Calcutta,\
Asia/Katmandu,\
Asia/Dhaka,\
Asia/Rangoon,\
Asia/Saigon,\
Asia/Shanghai,\
Asia/Tokyo,\
Asia/Seoul,\
Australia/Perth,\
Australia/Eucla,\
Australia/Darwin,\
Australia/Sydney,\
Australia/Lord_Howe,\
Pacific/Guadalcanal,\
Pacific/Auckland,\
Pacific/Enderbury,\
Pacific/Kiritimati
##
## Look and Feel
##
#
# Set this to false if the system does not allow users to modify the look
# and feel.
#
look.and.feel.modifiable=true
#
# Set the default layout template ID.
#
default.layout.template.id=2_columns_ii
#
# Set the default theme ID for regular themes.
#
default.regular.theme.id=classic
#
# Set the default color scheme ID for regular themes.
#
default.regular.color.scheme.id=01
#
# Set the default theme ID for wap themes. This property is not used unless
# the property "mobile.device.styling.wap.enabled" is set to true.
#
# This property is deprecated and only provided for backwards compatibility.
#
default.wap.theme.id=mobile
#
# Set the default color scheme ID for wap themes. This property is not used
# unless the property "mobile.device.styling.wap.enabled" is set to true.
#
# This property is deprecated and only provided for backwards compatibility.
#
default.wap.color.scheme.id=01
#
# Set this to true if you want a change in the theme selection of the public
# or private group to automatically be applied to the other (i.e. if public
# and private group themes should always be the same).
#
theme.sync.on.group=false
##
## Request
##
#
# Portlets that have been configured to use private request attributes in
# liferay-portlet.xml may still want to share some request attributes. This
# property allows you to configure which request attributes will be shared.
# Set a comma delimited list of attribute names that will be shared when the
# attribute name starts with one of the specified attribute names. For
# example, if you set the value to "hello_,world_", then all attribute names
# that start with "hello_" or "world_" will be shared.
#
request.shared.attributes=LIFERAY_SHARED_
##
## Session
##
#
# Set the maximum number of key value pairs that can be stored in the
# session via SessionClicks. See LPS-20096 for more information.
#
session.clicks.max.allowed.values=1024
#
# Set the maximum size of key and value terms that can be stored in the
# session via SessionClicks. See LPS-20096 for more information.
#
session.clicks.max.size.terms=1024
#
# Specify the delimiter for parsing compound session IDs.
#
# This addresses an issue with Weblogic and all application servers where
# the application server appends a unique JVM code to the session ID. See
# LPS-18587.
#
# Set a blank delimiter for the portal to attempt to detect a delimiter
# based on the application server.
#
session.id.delimiter=
session.id.weblogic.delimiter=!
#
# Specify the maximum number of sessions allowed. A value of 0 or less than
# 0 means there is no limit. A value greater than 0 limits the
# number of sessions by invalidating newer sessions.
#
# This property is not used unless the session max allowed filter is
# enabled.
#
session.max.allowed=0
#
# Specify the number of minutes before a session expires. This value is
# always overridden by the value set in web.xml.
#
session.timeout=30
#
# Specify the number of minutes before a warning is sent to the user
# informing the user of the session expiration. Specify 0 to disable any
# warnings.
#
session.timeout.warning=1
#
# Set the auto-extend mode to true to avoid having to ask the user whether
# to extend the session or not. Instead, it will be automatically extended.
# The purpose of this mode is to keep the session open as long as the user's
# browser is open with a portal page loaded. It is recommended to use
# this setting along with a smaller "session.timeout", such as 5 minutes,
# for better performance.
#
session.timeout.auto.extend=false
#
# Set this to true if the user is redirected to the default page when the
# session expires.
#
session.timeout.redirect.on.expire=false
#
# Portlets that have been configured to use private session attributes in
# liferay-portlet.xml may still want to share some session attributes. This
# property allows you to configure which session attributes will be shared.
# Set a comma delimited list of attribute names that will be shared when the
# attribute name starts with one of the specified attribute names. For
# example, if you set the value to "hello_,world_", then all attribute names
# that start with "hello_" or "world_" will be shared.
#
# Note that this property is used to specify the sharing of session
# attributes from the portal to the portlet. This is not used to specify
# session sharing between portlet WARs or from the portlet to the portal.
#
session.shared.attributes=COMPANY_,LIFERAY_SHARED_,org.apache.struts.action.LOCALE,PORTLET_RENDER_PARAMETERS_,PUBLIC_RENDER_PARAMETERS_POOL_,USER_
#
# Explicitly exclude attributes that are shared from the portal to portlets.
#
session.shared.attributes.excludes=USER_PASSWORD
#
# Set this to true to store the user's password in the session.
#
session.store.password=false
#
# Set this to false to disable all persistent cookies. Features like
# automatically logging in will not work.
#
session.enable.persistent.cookies=true
#
# Set this to true to enable sessions when cookies are disabled. See
# LEP-4787. This behavior is configurable because enabling it can break
# certain setups.
#
session.enable.url.with.session.id=false
#
# The login process sets several cookies if persistent cookies are enabled.
# Set this property to set the domain of those cookies.
#
#session.cookie.domain=
#
# Set this to true to use the full hostname for cookie domain values. By
# default the domain is trimmed to use only the root domain to allow cross
# domain logins.
#
session.cookie.use.full.hostname=false
#
# Set this to true to invalidate the session when a user logs into the
# portal. This helps prevent phishing. Set this to false if you need the
# guest user and the authenticated user to have the same session.
#
# Set this to false if the property "company.security.auth.requires.https"
# is set to true and you want to maintain the same credentials across HTTP
# and HTTPS sessions.
#
session.enable.phishing.protection=true
#
# Set a comma delimited list of attribute names that will be copied to the
# new session when the property "session.enable.phishing.protection" is set
# to true.
#
session.phishing.protected.attributes=HTTPS_INITIAL,LAST_PATH
#
# Set this to true to test whether users have cookie support before allowing
# them to sign in. This test will always fail if "tck.url" is set to true
# because that property disables session cookies.
#
session.test.cookie.support=true
#
# Set this to true to allow
# com.liferay.portal.kernel.servlet.SerializableSessionAttributeListener to
# test if an added session variable is serializable. Unserializable values
# stored into the session will cause a session to not replicate if session
# replication was enabled by the application server.
#
session.verify.serializable.attribute=true
#
# Set this to true to disable sessions. Doing this will use cookies to
# remember the user across requests. This is useful if you want to scale
# very large sites where the user may be sent to a different server for each
# request. The drawback to this approach is that you must not rely on the
# API for sessions provided by the servlet and portlet specs.
#
# This feature is only available for Tomcat and requires that you set
# Tomcat's Manager class to
# "com.liferay.support.tomcat.session.SessionLessManagerBase".
#
# Setting this to true will forcibly set "layout.ajax.render.enable" to
# false since ajax rendering requires sessions to be enabled.
#
session.disabled=false
#
# Input a list of comma delimited class names that extend
# com.liferay.portal.struts.SessionAction. These classes will run at the
# specified event.
#
#
# Servlet session create event
#
servlet.session.create.events=com.liferay.portal.events.SessionCreateAction
#
# Servlet session destroy event
#
servlet.session.destroy.events=com.liferay.portal.events.SessionDestroyAction,com.liferay.portal.events.ChannelSessionDestroyAction
#
# Set this to true to track user clicks in memory for the duration of a
# user's session. Setting this to true allows you to view all live sessions
# in the Admin portlet.
#
session.tracker.memory.enabled=true
#
# Set this to true to track user clicks in the database after a user's
# session is invalidated. Setting this to true allows you to generate usage
# reports from the database. Use this cautiously because this will store a
# lot of usage data.
#
session.tracker.persistence.enabled=false
#
# Set this to true to convert the tracked paths to friendly URLs.
#
session.tracker.friendly.paths.enabled=false
#
# Enter a list of comma delimited paths that should not be tracked.
#
session.tracker.ignore.paths=\
/portal/render_portlet,\
\
/document_library/get_file
##
## JAAS
##
#
# Set this to false to disable JAAS security checks. Disabling JAAS speeds
# up login. JAAS must be disabled if administrators are to be able to
# impersonate other users.
#
portal.jaas.enable=false
#
# JAAS can authenticate users based on their email address, screen name,
# user ID, or login as determined by the property
# "company.security.auth.type".
#
#portal.jaas.auth.type=emailAddress
#portal.jaas.auth.type=screenName
portal.jaas.auth.type=userId
#portal.jaas.auth.type=login
#
# By default, com.liferay.portal.security.jaas.PortalLoginModule loads the
# correct JAAS login module based on what application server or servlet
# container the portal is deployed on. Set a JAAS implementation class to
# override this behavior.
#
#portal.jaas.impl=
#
# Some JAAS login modules only work with a plain text password. Set this
# property to true to pass plain text passwords to JAAS.
#
portal.jaas.plain.password=false
#
# The JAAS process may pass in an encrypted password and the authentication
# will only succeed if there is an exact match. Set this property to false
# to relax that behavior so the user can input an unencrypted password.
#
portal.jaas.strict.password=false
#
# Set this to true to enable administrators to impersonate other users.
#
portal.impersonation.enable=true
#
# This sets the default impersonation URL of the portal. This property is
# not used if the company has a home URL set.
#
portal.impersonation.default.url=/web/guest
##
## JNDI
##
#
# Set the configuration values for the JNDI context. Any property prefixed
# with "jndi.environment." will be passed to the JNDI context as an
# environment variable. The valid values are those specified in
# javax.naming.Context.
#
#jndi.environment.java.naming.security.credentials=
#jndi.environment.java.naming.security.principal=
##
## Security Manager
##
#
# Set this property to "default" to use the default security manager
# configured by the application server. A security manager will not be used
# if the application server did not configure one.
#
# Set this property to "liferay" to use Liferay's security manager if the
# application server has not configured a security manager.
#
portal.security.manager.strategy=default
#
# Set the PACL policy checker to use for checking a security manager
# permission.
#
portal.security.manager.pacl.policy.checker[com.liferay.portal.kernel.security.pacl.permission.PortalHookPermission]=com.liferay.portal.security.pacl.checker.PortalHookChecker
portal.security.manager.pacl.policy.checker[com.liferay.portal.kernel.security.pacl.permission.PortalMessageBusPermission]=com.liferay.portal.security.pacl.checker.PortalMessageBusChecker
portal.security.manager.pacl.policy.checker[com.liferay.portal.kernel.security.pacl.permission.PortalRuntimePermission]=com.liferay.portal.security.pacl.checker.PortalRuntimeChecker
portal.security.manager.pacl.policy.checker[com.liferay.portal.kernel.security.pacl.permission.PortalServicePermission]=com.liferay.portal.security.pacl.checker.PortalServiceChecker
portal.security.manager.pacl.policy.checker[java.awt.AWTPermission]=com.liferay.portal.security.pacl.checker.AWTChecker
portal.security.manager.pacl.policy.checker[java.io.FilePermission]=com.liferay.portal.security.pacl.checker.FileChecker
portal.security.manager.pacl.policy.checker[java.io.SerializablePermission]=com.liferay.portal.security.pacl.checker.DefaultRejectChecker
portal.security.manager.pacl.policy.checker[java.lang.RuntimePermission]=com.liferay.portal.security.pacl.checker.RuntimeChecker
#portal.security.manager.pacl.policy.checker[java.lang.management.ManagementPermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
portal.security.manager.pacl.policy.checker[java.lang.reflect.ReflectPermission]=com.liferay.portal.security.pacl.checker.ReflectChecker
portal.security.manager.pacl.policy.checker[java.net.NetPermission]=com.liferay.portal.security.pacl.checker.NetChecker
portal.security.manager.pacl.policy.checker[java.net.SocketPermission]=com.liferay.portal.security.pacl.checker.SocketChecker
#portal.security.manager.pacl.policy.checker[java.security.AllPermission]=
portal.security.manager.pacl.policy.checker[java.security.SecurityPermission]=com.liferay.portal.security.pacl.checker.SecurityChecker
#portal.security.manager.pacl.policy.checker[java.security.UnresolvedPermission]=
portal.security.manager.pacl.policy.checker[java.sql.SQLPermission]=com.liferay.portal.security.pacl.checker.DefaultRejectChecker
portal.security.manager.pacl.policy.checker[java.util.PropertyPermission]=com.liferay.portal.security.pacl.checker.PropertyChecker
#portal.security.manager.pacl.policy.checker[java.util.logging.LoggingPermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
portal.security.manager.pacl.policy.checker[javax.management.MBeanPermission]=com.liferay.portal.security.pacl.checker.MBeanChecker
portal.security.manager.pacl.policy.checker[javax.management.MBeanServerPermission]=com.liferay.portal.security.pacl.checker.MBeanChecker
portal.security.manager.pacl.policy.checker[javax.management.MBeanTrustPermission]=com.liferay.portal.security.pacl.checker.MBeanChecker
portal.security.manager.pacl.policy.checker[javax.management.remote.SubjectDelegationPermission]=com.liferay.portal.security.pacl.checker.MBeanChecker
portal.security.manager.pacl.policy.checker[javax.net.ssl.SSLPermission]=com.liferay.portal.security.pacl.checker.DefaultRejectChecker
#portal.security.manager.pacl.policy.checker[javax.security.auth.AuthPermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
#portal.security.manager.pacl.policy.checker[javax.security.auth.PrivateCredentialPermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
#portal.security.manager.pacl.policy.checker[javax.security.auth.kerberos.DelegationPermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
#portal.security.manager.pacl.policy.checker[javax.security.auth.kerberos.ServicePermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
#portal.security.manager.pacl.policy.checker[javax.sound.sampled.AudioPermission]=com.liferay.portal.security.pacl.checker.DefaultAcceptChecker
#
# Set the default read paths used by
# com.liferay.portal.security.pacl.checker.FileChecker.
#
portal.security.manager.file.checker.default.read.paths[glassfish]=\
${liferay.web.portal.dir}html/common/-,\
${liferay.web.portal.dir}html/taglib/-
portal.security.manager.file.checker.default.read.paths[geronimo]=\
${org.apache.geronimo.home.dir}/var/shared/-
portal.security.manager.file.checker.default.read.paths[jetty]=\
${liferay.web.portal.dir},\
${liferay.web.portal.dir}html/common/-,\
${liferay.web.portal.dir}html/taglib/-
portal.security.manager.file.checker.default.read.paths[resin]=\
${resin.home}ext-lib/-,\
${liferay.web.portal.dir},\
${liferay.web.portal.dir}html/common/-,\
${liferay.web.portal.dir}html/taglib/-
portal.security.manager.file.checker.default.read.paths[weblogic]=\
${auto.deploy.installed.dir}/${plugin.servlet.context.name}/-,\
${auto.deploy.installed.dir}/ROOT/html/common/-,\
${auto.deploy.installed.dir}/ROOT/html/taglib/-
portal.security.manager.file.checker.default.read.paths[websphere]=\
${liferay.web.portal.dir}html/common/-,\
${liferay.web.portal.dir}html/taglib/-,\
${liferay.web.portal.dir}WEB-INF/classes,\
${liferay.web.portal.dir}WEB-INF/classes/html/common/-,\
${liferay.web.portal.dir}WEB-INF/classes/html/taglib/-
#
# Set the list of classes that will be preloaded by the PreloadClassloader
# to be made available to plugins when the portal security manager is
# enabled. These classes will be exempt from the security checks that result
# from class loading.
#
portal.security.manager.preload.classloader.classes=\
org.aopalliance.aop.Advice,\
org.springframework.aop.Advisor,\
org.springframework.aop.SpringProxy,\
org.springframework.aop.TargetSource,\
org.springframework.aop.framework.Advised,\
org.springframework.aop.framework.AopConfigException,\
org.springframework.jmx.export.MBeanExporter
##
## LDAP
##
#
# Set the values used to connect to an LDAP store.
#
#ldap.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
#ldap.referral=follow
#
# Settings for com.liferay.portal.security.auth.LDAPAuth can be configured
# from the Admin portlet. It provides out-of-the-box support for the Apache
# Directory Server, Microsoft Active Directory Server, Novell eDirectory,
# and OpenLDAP. The default settings are for the Apache Directory Server.
#
# The LDAPAuth class must be specified in the property "auth.pipeline.pre"
# to be executed.
#
# Encryption is implemented by com.liferay.util.Encryptor.provider.class in
# system.properties.
#
ldap.auth.enabled=false
ldap.auth.required=false
#
# Set the page size for directory servers that support paging. This value
# needs to be 1000 or less for the Microsoft Active Directory Server.
#
#ldap.page.size=1000
#
# Set the number of values to return in each query to a multivalued
# attribute for directory servers that support range retrieval. The range
# size must be 1000 or less for Windows 2000 and 1500 or less for Windows
# Server 2003.
#
#ldap.range.size=1000
#
# Set either bind or password-compare for the LDAP authentication method.
# Bind is preferred by most vendors so that you don't have to worry about
# encryption strategies.
#
ldap.auth.method=bind
#ldap.auth.method=password-compare
#
# Set the password encryption to use for comparing passwords during import
# and to use for encrypting passwords during export. Comparing passwords
# during import will only be used when the property "ldap.auth.method" is
# set to password-compare. If the encryption is set to NONE, which is the
# default value, passwords are considered as plain text. The SHA-512
# algorithm is currently unsupported.
#
#ldap.auth.password.encryption.algorithm=BCRYPT
#ldap.auth.password.encryption.algorithm=MD2
#ldap.auth.password.encryption.algorithm=MD5
ldap.auth.password.encryption.algorithm=NONE
#ldap.auth.password.encryption.algorithm=SHA
#ldap.auth.password.encryption.algorithm=SHA-256
#ldap.auth.password.encryption.algorithm=SHA-384
#ldap.auth.password.encryption.algorithm=SSHA
#ldap.auth.password.encryption.algorithm=UFC-CRYPT
#
# You can write your own class that implements
# com.liferay.portal.security.ldap.AttributesTransformer to transform the
# LDAP attributes before a user or group is imported to the LDAP store.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#ldap.attrs.transformer.impl=com.liferay.portal.security.ldap.DefaultAttributesTransformer
#
# Specify the settings for LDAP connections. Any property prefixed with
# "ldap.connection." will be passed to the LDAP context as an environment
# variable.
#
# To enable LDAP connection pooling, you have to set
# "ldap.connection.com.sun.jndi.ldap.connect.pool" to true and provide
# additional JVM system properties via the JVM start-up options via:
#
# java ... -Dcom.sun.jndi.ldap.connect.pool.maxsize=50 -Dcom.sun.jndi.ldap.connect.pool.timeout=10000
#
# See the following link:
# http://docs.oracle.com/javase/6/docs/technotes/guides/jndi/jndi-ldap.html#POOL
#
ldap.connection.com.sun.jndi.ldap.connect.pool=true
ldap.connection.com.sun.jndi.ldap.connect.timeout=500
ldap.connection.com.sun.jndi.ldap.read.timeout=15000
#
# Settings for importing users and groups from LDAP to the portal.
#
#ldap.import.enabled=false
#ldap.import.on.startup=false
#ldap.import.interval=10
#
# Set either user or group for import method. If set to user, the portal
# imports all users and the groups associated with those users. If set
# to group, the portal imports all groups and the users associated with
# those groups. This value should be set based on how your LDAP server
# stores group membership information.
#
#ldap.import.method=user
#ldap.import.method=group
#
# Set the lock expiration time for LDAP import. By default, the expiration
# time is 1 day.
#
#ldap.import.lock.expiration.time=86400000
#
# If set to true, the group filter will be applied, but only to groups in
# the specified base DN. If set to false, the filter will not be applied and
# all groups that are associated with the imported users will be imported
# regardless of the base DN.
#
#ldap.import.group.search.filter.enabled=true
#
# Specify whether group DN lookups will be cached during LDAP import and
# login. If set to true, this will speed up LDAP import and login, but
# updates to group attributes will not be recognized until the cache entry
# expires. The cache size and timeout may be configured in the configuration
# file specifed in the property "ehcache.single.vm.config.location".
#
#ldap.import.group.cache.enabled=true
#
# Set this to true if the portal should automatically create a role per
# group imported from LDAP. The role will be assigned to the group so that
# users can automatically inherit that role when they are assigned to the
# group.
#
#ldap.import.create.role.per.group=false
#
# Set these values to be a portion of the error message returned by the
# appropriate directory server to allow the portal to recognize messages
# from the LDAP server. The default values will work for Fedora DS.
#
ldap.error.password.age=age
ldap.error.password.expired=expired
ldap.error.password.history=history
ldap.error.password.not.changeable=not allowed to change
ldap.error.password.syntax=syntax
ldap.error.password.trivial=trivial
ldap.error.user.lockout=retry limit
#
# Set this to true to use LDAP's password policy instead of the portal
# password policy.
#
# If set to true, it is possible that portal generated passwords will not
# match the LDAP policy. See the "passwords.regexptoolkit.*" properties for
# details on configuring RegExpToolkit in generating these passwords.
#
#ldap.password.policy.enabled=false
#
# Set this to false when the LDAP user's password should not be imported to
# the Liferay user.
#
#ldap.import.user.password.enabled=true
#
# Set this to true to autogenerate passwords for users imported from
# LDAP.
#
# This property is only in use if the property
# "ldap.import.user.password.enabled" is set to false.
#
# If an LDAP password policy is enabled (see the property
# "ldap.password.policy.enabled"), the password will be generated using
# RegExpToolkit. Set the "auth.pipeline.enable.liferay.check" property to
# false to disable password checking by the portal's internal authentication
# (which is not compatible with LDAP), and set the "auth.pipeline.pre"
# property to com.liferay.portal.security.auth.LDAPAuth so that password
# checking will be delegated to the LDAPAuth authenticator.
#
# Note that enabling LDAP export, by setting the "ldap.export.enabled"
# property to true, may lead to overwriting the LDAP user's password with an
# autogenerated password.
#
#ldap.import.user.password.autogenerated=false
#
# Set either screenName or plain text as the default password for the
# imported LDAP user. Setting the value to screenName will use the user's
# screen name as the password for the imported LDAP user. Setting the value
# to any other plain text value will use that value as the password for the
# imported LDAP user.
#
# This property is only in use if the properties
# "ldap.import.user.password.enabled" and
# "ldap.import.user.password.autogenerated" are both set to false.
#
#ldap.import.user.password.default=test
#ldap.import.user.password.default=screenName
#
# Settings for exporting users from the portal to LDAP. This allows a user
# to modify his first name, last name, etc. in the portal and have that
# change pushed to the LDAP server. This setting is not used unless the
# property "ldap.auth.enabled" is set to true.
#
#ldap.export.enabled=false
#
# Set this to true if groups and their associations should be exported from
# the portal to LDAP. This setting is not used unless the property
# "ldap.auth.enabled" is set to true.
#
#ldap.export.group.enabled=true
#
# Set the values used to connect to an LDAP store.
#
# The list of properties must end with a subsequent integer (0, 1, etc.) and
# it is assumed that the list has reached an end when the pattern or
# replacement is not set.
#
#ldap.base.provider.url.0=ldap://localhost:10389
#ldap.base.dn.0=dc=example,dc=com
#ldap.security.principal.0=uid=admin,ou=system
#ldap.security.credentials.0=secret
#
# Active Directory stores information about the user account as a series of
# bit fields in the UserAccountControl attribute.
#
# If you want to prevent disabled accounts from logging into the portal you
# need to use a search filter similar to the following:
# (&(objectclass=person)(userprincipalname=@email_address@)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
#
# See the following links:
# http://support.microsoft.com/kb/305144/
# http://support.microsoft.com/?kbid=269181
#
#ldap.auth.search.filter.0=(mail=@email_address@)
#
# When importing and exporting users, the portal will use this mapping to
# connect LDAP user attributes and portal contact attributes.
#
# See com.liferay.portal.model.ContactModel for a list of attributes.
#
#ldap.contact.mappings.0=aimSn=\nbirthday=\nfacebookSn=\nicqSn=\njabberSn=\njobTitle=\nmsnSn=\nmySpaceSn=\nskypeSn=\nsmsSn=\ntwitterSn=\nymSn=
#
# When importing and exporting users, the portal will use this mapping to
# connect LDAP user attributes and portal contact's custom attributes.
#
#ldap.contact.custom.mappings.0=
#
# When a user is exported to LDAP and the user does not exist, the user will
# be created with the following default object classes.
#
#ldap.user.default.object.classes.0=top,person,inetOrgPerson,organizationalPerson
#
# When importing and exporting users, the portal will use this mapping to
# connect LDAP user attributes and portal user attributes.
#
# See com.liferay.portal.model.UserModel for a list of attributes.
#
#ldap.user.mappings.0=emailAddress=mail\nfirstName=givenName\ngroup=groupMembership\njobTitle=title\nlastName=sn\npassword=userPassword\nscreenName=cn\nuuid=uuid\n
#
# When importing and exporting users, the portal will use this mapping to
# connect LDAP user attributes and portal user's custom attributes.
#
#ldap.user.custom.mappings.0=
#
# Set the user attributes that are controlled from the portal. When adding
# or updating a user from LDAP, these attributes will be skipped.
#
#ldap.user.ignore.attributes=
#ldap.user.ignore.attributes=aimSn,birthday,comments,facebookId,facebookSn,firstName,greeting,icqSn,jabberSn,jobTitle,languageId,lastName,male,middleName,msnSn,mySpaceSn,openId,prefixId,reminderQueryAnswer,reminderQueryQuestion,skypeSn,smsSn,suffixId,timeZoneId,twitterSn,ymSn
#
# When a group is exported to LDAP and the group does not exist, the group
# will be created with the following default object classes.
#
#ldap.group.default.object.classes.0=top,groupOfUniqueNames
#
# When importing groups, the portal will use this mapping to connect LDAP
# group attributes and portal user group attributes.
#
#ldap.group.mappings.0=description=description\ngroupName=cn\nuser=uniqueMember
#
# Settings for importing users and groups from LDAP to the portal. These
# settings are not used unless the property "ldap.import.enabled" is set
# to true.
#
#ldap.import.user.search.filter.0=(objectClass=inetOrgPerson)
#ldap.import.group.search.filter.0=(objectClass=groupOfUniqueNames)
#
# New users and groups will be created at the specified DN. This will only
# be active if the property "ldap.auth.enabled" and "ldap.export.enabled"
# are set to true.
#
#ldap.users.dn.0=ou=users,dc=example,dc=com
#ldap.groups.dn.0=ou=groups,dc=example,dc=com
##
## Basic Authentication
##
#
# Set this to true to require a password when using basic authentication.
# Only set this to false if additional security measures are in place to
# ensure users have been properly authenticated.
#
basic.auth.password.required=true
##
## CAS
##
#
# Set this to true to enable CAS single sign on. NTLM will work only if
# LDAP authentication is also enabled and the authentication is made by
# screen name. If set to true, then the property "auto.login.hooks" must
# contain a reference to the class
# com.liferay.portal.security.auth.CASAutoLogin and the filter
# com.liferay.portal.servlet.filters.sso.cas.CASFilter must be referenced
# in web.xml.
#
#cas.auth.enabled=false
#
# A user may be authenticated from CAS and not yet exist in the portal. Set
# this to true to automatically import users from LDAP if they do not exist
# in the portal.
#
#cas.import.from.ldap=false
#
# Set the default values for the required CAS URLs. Set either
# "cas.server.name" or "cas.service.url". Setting "cas.server.name" allows
# deep linking. See LEP-4423.
#
#cas.login.url=https://localhost:8443/cas-web/login
#cas.logout.url=https://localhost:8443/cas-web/logout
#cas.server.name=localhost:8080
#cas.server.url=https://localhost:8443/cas-web
#cas.service.url=
#cas.service.url=http://localhost:8080/c/portal/login
#cas.no.such.user.redirect.url=http://localhost:8080
#
# Set this to true to log out the user from CAS when the portal session
# expires.
#
#cas.logout.on.session.expiration=false
##
## Facebook Connect SSO
##
facebook.connect.auth.enabled=false
facebook.connect.app.id=
facebook.connect.app.secret=
facebook.connect.graph.url=https://graph.facebook.com
facebook.connect.oauth.auth.url=https://graph.facebook.com/oauth/authorize
facebook.connect.oauth.redirect.url=http://localhost:8080/c/login/facebook_connect_oauth
facebook.connect.oauth.token.url=https://graph.facebook.com/oauth/access_token
facebook.connect.verified.account.required=false
##
## NTLM
##
#
# Set this to true to enable NTLM single sign on. NTLM will work only if
# LDAP authentication is also enabled and the authentication is made by
# screen name. If set to true, then the property "auto.login.hooks" must
# contain a reference to the class
# com.liferay.portal.security.auth.NtlmAutoLogin and the filter
# com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter must be referenced
# in web.xml.
#
# Negotiate flags are set according to the client's requested capabilities
# and the server's ServerCapabilities.
#
# See the following link:
# http://msdn.microsoft.com/en-us/library/cc717152%28v=PROT.10%29.aspx
#
#ntlm.auth.enabled=false
#ntlm.auth.domain.controller=127.0.0.1
#ntlm.auth.domain.controller.name=EXAMPLE
#ntlm.auth.domain=EXAMPLE
#ntlm.auth.negotiate.flags=0x600FFFFF
#ntlm.auth.service.account=LIFERAY$@EXAMPLE.COM
#ntlm.auth.service.password=test
#
# See http://jcifs.samba.org/src/docs/ntlmhttpauth.html for more available
# properties.
#
#jcifs.netbios.cachePolicy=30
#jcifs.smb.client.soTimeout=35000
##
## OpenID
##
#
# Set this to true to enable OpenId authentication. If set to true, then the
# property "auto.login.hooks" must contain a reference to the class
# com.liferay.portal.security.auth.OpenIdAutoLogin.
#
open.id.auth.enabled=true
open.id.providers=yahoo
open.id.ax.schema[default]=email,firstname,lastname
open.id.ax.type.email[default]=http://schema.openid.net/contact/email
open.id.ax.type.firstname[default]=http://schema.openid.net/namePerson/first
open.id.ax.type.lastname[default]=http://schema.openid.net/namePerson/last
open.id.ax.schema[yahoo]=email,fullname
open.id.ax.type.email[yahoo]=http://axschema.org/contact/email
open.id.ax.type.fullname[yahoo]=http://axschema.org/namePerson
open.id.url[yahoo]=open.login.yahooapis.com
##
## OpenSSO
##
#open.sso.auth.enabled=false
#
# Set this to true if you want to import the users from LDAP after
# successful login through OpenSSO. The LDAP settings need to be configured
# properly in the LDAP section. If this is set to false, the users will be
# created from OpenSSO provided data.
#
#open.sso.ldap.import.enabled=false
#open.sso.login.url=http://openssohost.example.com:8080/opensso/UI/Login?goto=http://portalhost.example.com:8080/c/portal/login
#open.sso.logout.url=http://openssohost.example.com:8080/opensso/UI/Logout?goto=http://portalhost.example.com:8080/web/guest/home
#open.sso.service.url=http://openssohost.example.com:8080/opensso
#open.sso.screen.name.attr=uid
#open.sso.email.address.attr=mail
#open.sso.first.name.attr=givenname
#open.sso.last.name.attr=sn
#
# Set this to true to log a user out of OpenSSO when the portal session
# expires.
#
#open.sso.logout.on.session.expiration=false
##
## Request Header
##
#
# Set this to true to automatically import users from LDAP if they do not
# exist in the portal. The property "auto.login.hooks" must contain a
# reference to the class
# com.liferay.portal.security.auth.RequestHeaderAutoLogin to enable request
# header authentication.
#
request.header.auth.import.from.ldap=false
#
# Input a list of comma delimited IPs that can automatically authenticate
# via request headers. Input a blank list to allow any IP to automatically
# authenticate via request headers. SERVER_IP will be replaced with the IP
# of the host server.
#
request.header.auth.hosts.allowed=
#
# Input a list of comma delimited init parameters that should never be set
# in the request header by the header filter.
#
request.header.ignore.init.params=url-regex-ignore-pattern,url-regex-pattern
##
## SiteMinder
##
#
# Set this to true to enable CA SiteMinder single sign on. If set to true,
# then the property "auto.login.hooks" must contain a reference to the class
# com.liferay.portal.security.auth.SiteMinderAutoLogin and the
# "logout.events.post" must have a reference to
# com.liferay.portal.events.SiteMinderLogoutAction for logout to work.
#
siteminder.auth.enabled=false
#
# A user may be authenticated from SiteMinder and not yet exist in the
# portal. Set this to true to automatically import users from LDAP if they
# do not exist in the portal.
#
siteminder.import.from.ldap=false
#
# Set this to the name of the user header that SiteMinder passes to the
# portal.
#
siteminder.user.header=SM_USER
##
## Authentication Pipeline
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.security.auth.Authenticator. These classes will run
# before or after the portal authentication begins.
#
# The Authenticator class defines the constant values that should be used
# as return codes from the classes implementing the interface. If
# authentication is successful, return SUCCESS; if the user exists but the
# passwords do not match, return FAILURE; and if the user does not exist on
# the system, return DNE.
#
# In the pre-authentication pipeline, if you want to skip password checking
# by the internal portal authentication, the authenticator should return
# SKIP_LIFERAY_CHECK. This is needed if passwords are not imported to the
# portal.
#
# Constants in Authenticator:
# public static final int DNE = 0;
# public static final int FAILURE = -1;
# public static final int SKIP_LIFERAY_CHECK = 2;
# public static final int SUCCESS = 1;
#
# In case you have several classes in the authentication pipeline, all of
# them have to return SKIP_LIFERAY_CHECK or SUCCESS if you want the user to
# be able to login. If one of the authenticators returns DNE OR FAILURE, the
# login fails.
#
# Under certain circumstances, you might want to keep the information in the
# portal database in sync with an external database or an LDAP server. This
# can easily be achieved by implementing a class via LDAPAuth that updates
# the information stored in the portal user database whenever a user signs
# in.
#
# Each portal instance can be configured at run time to either authenticate
# based on user IDs or email addresses. See the Admin portlet for more
# information.
#
# Available authenticators are:
# com.liferay.portal.security.auth.LDAPAuth
#
# See the LDAP properties to configure the behavior of the LDAPAuth class.
#
auth.pipeline.pre=com.liferay.portal.security.auth.LDAPAuth
#auth.pipeline.post=
#
# Set this to true to enable password checking by the internal portal
# authentication. If set to false, you're essentially delegating password
# checking to the authenticators configured in "auth.pipeline.pre" and
# "auth.pipeline.post" settings.
#
auth.pipeline.enable.liferay.check=true
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.security.auth.AuthFailure. These classes will run when
# a user has a failed login or when a user has reached the maximum number of
# failed logins.
#
auth.failure=com.liferay.portal.security.auth.LoginFailure
auth.max.failures=com.liferay.portal.security.auth.LoginMaxFailures
#
# Set the following to true if users are allowed to have simultaneous logins
# from different sessions. This property is not used unless the property
# "live.users.enabled" is set to true.
#
auth.simultaneous.logins=true
#
# Set this to true if users are forwarded to the last visited path upon
# successful login. If set to false, users will be forwarded to their
# default layout page.
#
auth.forward.by.last.path=true
#
# The login page reads a redirect by a parameter named "redirect". If this
# property is set to true, then users will be redirected to the given
# redirect path upon successful login. If the user does not have permission
# to view that page, then the rule set by the property
# "auth.forward.by.last.path" will apply.
#
# You can set the redirect manually from another application by appending
# the "redirect" parameter in a url that looks like this:
# /c/portal/login?redirect=%2Fgroup%2Femployees%2Fcalendar. This url will
# redirect the user to the path "/group/employees/calendar" upon successful
# login.
#
auth.forward.by.redirect=true
#
# Enter a list of comma delimited paths that can be considered part of the
# last visited path.
#
auth.forward.last.paths=/document_library/get_file
#
# Enter a URL that will be used to login portal users whenever needed. By
# default, the portal's login page is used.
#
#auth.login.url=/web/guest/home
#
# Set this to true to prompt a guest user to login when attempting to access
# a protected page resource in the portal. By setting this value to false,
# the portal will inform all users that a requested resource is not found if
# they have no entitlements to view the resource. The portal will not prompt
# for login even if the user is a guest user. This behavior complies with
# OWASP best practices.
#
auth.login.prompt.enabled=true
#
# Enter a friendly URL of a page that will be used to login portal users
# whenever the user is navigating a site and authentication is needed. By
# default, the portal's login page or the URL set in the property
# "auth.login.url" is used.
#
auth.login.site.url=/login
#
# Enter the name of the login portlet used in a page identified by the URL
# of the previous property (if one has been set). This will allow the
# portlet to have access to the redirect parameter and forward the user
# to the page he was trying to access, when necessary. You should leave
# the default value unless you have your own custom login portlet.
#
auth.login.portlet.name=58
#
# Set this to true to disable any users from logging into the portal.
# Preventing users from logging into the portal provides a read-only version
# of the portal that can be used to minimize site outages during upgrades.
#
auth.login.disabled=false
auth.login.disabled.path=/portal/login_disabled
#
# Enter a list of comma delimited paths that do not require authentication.
#
auth.public.paths=\
/activities/rss,\
\
/asset/get_categories,\
\
/blogs/find_entry,\
/blogs/rss,\
/blogs/trackback,\
\
/blogs_aggregator/rss,\
\
/document_library/find_file_entry,\
/document_library/find_folder,\
/document_library/get_file,\
\
/dynamic_data_lists/find_record,\
\
/dynamic_data_mapping/render_structure_field,\
\
/flags/edit_flag,\
\
/iframe/proxy,\
\
/image_gallery_display/find_folder,\
/image_gallery_display/find_image,\
\
/journal/find_folder,\
/journal/get_article,\
/journal/get_articles,\
/journal/get_latest_article_content,\
/journal/rss,\
/journal/view_article_content,\
/journal_articles/view_article_content,\
\
/layouts_admin/robots,\
/layouts_admin/sitemap,\
\
/login/facebook_connect_oauth,\
\
/message_boards/find_category,\
/message_boards/find_message,\
/message_boards/find_thread,\
/message_boards/get_message_attachment,\
/message_boards/rss,\
\
/my_sites/view,\
\
/portal/emoticons,\
/portal/expire_session,\
/portal/extend_session,\
/portal/extend_session_confirm,\
/portal/json_service,\
/portal/license,\
/portal/logout,\
/portal/open_id_request,\
/portal/open_id_response,\
/portal/portlet_url,\
/portal/session_click,\
/portal/session_tree_js_click,\
/portal/status,\
\
/search/open_search,\
/search/open_search_description.xml,\
\
/shopping/notify
##
## Authentication Verifier
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.security.auth.AuthVerifier. These classes are used to
# verify whether a request is authenticated or not.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#auth.verifier.pipeline=com.liferay.portal.security.auth.BasicAuthHeaderAutoLogin,com.liferay.portal.security.auth.DigestAuthenticationAuthVerifier,com.liferay.portal.security.auth.ParameterAutoLogin,com.liferay.portal.security.auth.PortalSessionAuthVerifier,com.liferay.portal.security.auth.TunnelingServletAuthVerifier
#
# Each authentication verifier can have custom properties set via the
# property prefix "auth.verifier." and the authentication verifier's simple
# class name. All property suffixes are stripped of their prefix and passed
# directly to the authentication verifier. For example, the property
# "auth.verifier.BasicAuthHeaderAutoLogin.hosts.allowed" is passed to
# BasicAuthHeaderAutoLogin as "hosts.allowed".
#
# The expected property suffixes are "hosts.allowed" and "urls". See the
# property "json.service.auth.token.hosts.allowed" for the accepted values
# for the property suffix "hosts.allowed".
#
# The property suffix "urls.includes" denotes the valid URLs that apply to
# an authentication verifier.
#
# The property suffix "urls.excludes" denotes URLs that will not be handled
# even if they match the patterns set in "urls.includes".
#
#
# BasicAuthHeaderAutoLogin
#
auth.verifier.BasicAuthHeaderAutoLogin.hosts.allowed=
auth.verifier.BasicAuthHeaderAutoLogin.urls.includes=/api/*,/xmlrpc/*
auth.verifier.BasicAuthHeaderAutoLogin.urls.excludes=/api/liferay/do
#
# DigestAuthenticationAuthVerifier
#
auth.verifier.DigestAuthenticationAuthVerifier.hosts.allowed=
auth.verifier.DigestAuthenticationAuthVerifier.urls.includes=N/A
#
# ParameterAutoLogin
#
auth.verifier.ParameterAutoLogin.hosts.allowed=
auth.verifier.ParameterAutoLogin.urls.includes=N/A
#
# PortalSessionAuthVerifier
#
auth.verifier.PortalSessionAuthVerifier.hosts.allowed=
auth.verifier.PortalSessionAuthVerifier.urls.includes=\
/api/json/*,\
/api/jsonws/*,\
/c/portal/json_service/*
#
# TunnelingServletAuthVerifier
#
auth.verifier.TunnelingServletAuthVerifier.hosts.allowed=255.255.255.255
auth.verifier.TunnelingServletAuthVerifier.urls.includes=/api/liferay/do
##
## Authentication Token
##
#
# Set this to true to enable authentication token security checks. The
# checks can be disabled for specific actions via the property
# "auth.token.ignore.actions" or for specific portlets via the init
# parameter "check-auth-token" in portlet.xml.
#
auth.token.check.enabled=true
#
# Set the authentication token class. This class must implement
# com.liferay.portal.security.auth.AuthToken. This class is used to prevent
# CSRF attacks. See https://issues.liferay.com/browse/LPS-8399 for more
# information.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#auth.token.impl=com.liferay.portal.security.auth.SessionAuthToken
#
# Input a list of comma delimited struts actions that will not be checked
# for an authentication token.
#
auth.token.ignore.actions=\
/asset/rss,\
\
/blogs/edit_entry,\
/blogs/edit_entry_discussion,\
/blogs/rss,\
/blogs/trackback,\
\
/blogs_aggregator/edit_entry,\
/blogs_aggregator/edit_entry_discussion,\
/blogs_aggregator/rss,\
\
/document_library/edit_file_entry,\
/document_library/edit_file_entry_discussion,\
\
/document_library_display/edit_file_entry,\
/document_library_display/edit_file_entry_discussion,\
\
/journal/edit_article_discussion,\
/journal/rss,\
\
/image_gallery_display/edit_file_entry,\
/image_gallery_display/edit_image,\
\
/login/create_account,\
/login/login,\
\
/message_boards/edit_discussion,\
/message_boards/edit_message,\
/message_boards/rss,\
\
/my_sites/view,\
\
/page_comments/edit_page_discussion,\
\
/shopping/edit_order_discussion,\
\
/software_catalog/edit_product_entry_discussion,\
\
/wiki/edit_page,\
/wiki/edit_page_attachment,\
/wiki/edit_page_discussion,\
/wiki/get_page_attachment,\
/wiki/rss,\
\
/wiki_admin/edit_page_attachment,\
\
/wiki_display/edit_page_attachment,\
/wiki_display/edit_page_discussion
#
# Set a list of comma delimited origins that will not be checked for an
# authentication token.
#
#auth.token.ignore.origins=\
# com.liferay.portal.action.JSONServiceAction:com.liferay.portlet.expando.service.ExpandoValueServiceUtil#getJSONData,\
# com.liferay.portal.jsonwebservice.JSONWebServiceServiceAction:/classname/,\
# com.liferay.portal.jsonwebservice.JSONWebServiceServiceAction:/user/get-user-by-email-address,\
# com.liferay.portlet.asset.action.GetCategoriesAction,\
# com.liferay.portlet.portletconfiguration.action.GetLookAndFeelAction
#
# Set a list of comma delimited portlet IDs that will not be checked for an
# authentication token.
#
auth.token.ignore.portlets=
#
# Set the length of the authentication token. Longer auth tokens will
# require more CPU cycles to generate and may impact overall performance.
#
auth.token.length=8
#
# Set the shared secret that is used for requests where it is not possible
# to generate an authentication token (i.e. WSRP).
#
#auth.token.shared.secret=
##
## Auto Login
##
#
# Input a list of comma delimited class names that implement
# com.liferay.portal.security.auth.AutoLogin. These classes will run in
# consecutive order for all unauthenticated users until one of them returns
# a valid user ID and password combination. If no valid combination is
# returned, then the request continues to process normally. If a valid
# combination is returned, then the portal will automatically login that
# user with the returned user ID and password combination.
#
# For example, com.liferay.portal.security.auth.RememberMeAutoLogin reads
# from a cookie to automatically log in a user who previously logged in
# while checking on the "Remember Me" box.
#
# This interface allows deployers to easily configure the portal to work
# with other SSO servers. See com.liferay.portal.security.auth.CASAutoLogin
# for an example of how to configure the portal with Yale's SSO server.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#auto.login.hooks=com.liferay.portal.security.auth.CASAutoLogin,com.liferay.portal.security.auth.FacebookAutoLogin,com.liferay.portal.security.auth.NtlmAutoLogin,com.liferay.portal.security.auth.OpenIdAutoLogin,com.liferay.portal.security.auth.OpenSSOAutoLogin,com.liferay.portal.security.auth.RememberMeAutoLogin,com.liferay.portal.security.auth.SiteMinderAutoLogin
#
# Set the hosts that will be ignored for auto login.
#
auto.login.ignore.hosts=
#
# Set the paths that will be ignored for auto login.
#
auto.login.ignore.paths=
##
## SSO with MAC (Message Authentication Code)
##
#
# To use SSO with MAC, post to a URL like:
# http://localhost:8080/c/portal/login?cmd=already-registered&login=<userId|emailAddress>&password=<MAC>
#
# Pass the MAC in the password field. Make sure the MAC gets URL encoded
# because it might contain characters not allowed in a URL.
#
# SSO with MAC also requires that you set the following property in
# system.properties:
#
# com.liferay.util.servlet.SessionParameters=false
#
# See the following links:
# https://issues.liferay.com/browse/LEP-1288
# http://en.wikipedia.org/wiki/Message_authentication_code
#
# Set this to true to enable SSO with MAC.
#
auth.mac.allow=false
#
# Set the algorithm to use for MAC encryption.
#
auth.mac.algorithm=MD5
#
# Set the shared key used to generate the MAC. The shared key must not be
# empty and it should be sufficiently long and complex to withstand a
# brute force attack.
#
auth.mac.shared.key=
##
## Passwords
##
#
# Set the following encryption algorithm to designate the password
# encryption algorithm to migrate from. This is only necessary if
# upgrading from a release prior to 6.2 or if you wish to switch password
# encryption algorithms when there are existing users with passwords in the
# portal.
#
#passwords.encryption.algorithm.legacy=BCRYPT
#passwords.encryption.algorithm.legacy=MD2
#passwords.encryption.algorithm.legacy=MD5
#passwords.encryption.algorithm.legacy=NONE
#passwords.encryption.algorithm.legacy=SHA
#passwords.encryption.algorithm.legacy=SHA-256
#passwords.encryption.algorithm.legacy=SHA-384
#passwords.encryption.algorithm.legacy=SSHA
#passwords.encryption.algorithm.legacy=UFC-CRYPT
#
# Set the following encryption algorithm to encrypt passwords. The default
# algorithm is PBKDF2WithHmacSHA1/160/128000, generating 160 bit hashes
# using 128,000 rounds.
#
# It is possible to decrease the rounds value in case of slow production
# hardware, but be aware that 128,000 is the recommended value for 2014
# by OWASP.
#
# If set to NONE, passwords are stored in the database as plain text.
#
#passwords.encryption.algorithm=BCRYPT/10
#passwords.encryption.algorithm=MD2
#passwords.encryption.algorithm=MD5
#passwords.encryption.algorithm=NONE
passwords.encryption.algorithm=PBKDF2WithHmacSHA1/160/128000
#passwords.encryption.algorithm=SHA
#passwords.encryption.algorithm=SHA-256
#passwords.encryption.algorithm=SHA-384
#passwords.encryption.algorithm=SSHA
#passwords.encryption.algorithm=UFC-CRYPT
#
# Digested passwords are encoded via base64 or hex encoding. The default is
# base64.
#
passwords.digest.encoding=base64
#passwords.digest.encoding=hex
#
# Input a class name that implements
# com.liferay.portal.security.pwd.Toolkit. This class will be called to
# generate and validate passwords.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#passwords.toolkit=com.liferay.portal.security.pwd.PasswordPolicyToolkit
#passwords.toolkit=com.liferay.portal.security.pwd.RegExpToolkit
#
# If you choose to use com.liferay.portal.security.pwd.PasswordPolicyToolkit
# as your password toolkit, you can choose either static or dynamic password
# generation. Static is set through the property
# "passwords.passwordpolicytoolkit.static" and dynamic uses the class
# com.liferay.util.PwdGenerator to generate the password. If you are using
# LDAP password syntax checking, you will also have to use the static
# generator so that you can guarantee that passwords obey its rules.
#
#passwords.passwordpolicytoolkit.generator=static
passwords.passwordpolicytoolkit.generator=dynamic
passwords.passwordpolicytoolkit.static=iheartliferay
#
# Set the character sets for password generation. These must be a subset of
# validation character sets.
#
passwords.passwordpolicytoolkit.generator.charset.lowercase=abcdefghjkmnpqrstuvwxyz
passwords.passwordpolicytoolkit.generator.charset.numbers=0123456789
passwords.passwordpolicytoolkit.generator.charset.symbols=_.!@$*=-?
passwords.passwordpolicytoolkit.generator.charset.uppercase=ABCDEFGHJKLMNPQRSTUVWXYZ
#
# Set the character sets for password validation.
#
passwords.passwordpolicytoolkit.validator.charset.lowercase=abcdefghijklmnopqrstuvwxyz
passwords.passwordpolicytoolkit.validator.charset.numbers=0123456789
passwords.passwordpolicytoolkit.validator.charset.symbols=_.!@$*=-?
passwords.passwordpolicytoolkit.validator.charset.uppercase=ABCDEFGHIJKLMNOPQRSTUVWXYZ
#
# If you choose to use com.liferay.portal.security.pwd.RegExpToolkit as
# your password toolkit, set the regular expression pattern that will be
# used to generate and validate passwords.
#
# Note that \ is replaced with \\ to work in Java.
#
# The first pattern ensures that passwords must have at least 4 valid
# characters consisting of digits or letters.
#
# The second pattern ensures that passwords must have at least 8 valid
# characters consisting of digits or letters.
#
passwords.regexptoolkit.pattern=(?=.{4})(?:[a-zA-Z0-9]*)
#passwords.regexptoolkit.pattern=(?=.{8})(?:[a-zA-Z0-9]*)
#
# Set the length and key for generating passwords.
#
#passwords.regexptoolkit.charset=0123456789
passwords.regexptoolkit.charset=0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
#passwords.regexptoolkit.length=4
passwords.regexptoolkit.length=8
#
# Set the properties of the default password policy.
#
passwords.default.policy.allow.dictionary.words=true
passwords.default.policy.changeable=true
passwords.default.policy.change.required=true
passwords.default.policy.check.syntax=false
passwords.default.policy.expireable=false
passwords.default.policy.grace.limit=0
passwords.default.policy.history=false
passwords.default.policy.history.count=6
passwords.default.policy.lockout=false
passwords.default.policy.lockout.duration=0
passwords.default.policy.max.age=8640000
passwords.default.policy.max.failure=3
passwords.default.policy.min.age=0
passwords.default.policy.min.alphanumeric=0
passwords.default.policy.min.length=6
passwords.default.policy.min.lowercase=0
passwords.default.policy.min.numbers=1
passwords.default.policy.min.symbols=0
passwords.default.policy.min.uppercase=1
passwords.default.policy.name=Default Password Policy
passwords.default.policy.regex=(?=.{4})(?:[a-zA-Z0-9]*)
passwords.default.policy.reset.failure.count=600
passwords.default.policy.reset.ticket.max.age=86400
passwords.default.policy.warning.time=86400
##
## Permissions
##
#
# Set the default permission checker class used by
# com.liferay.portal.security.permission.PermissionCheckerFactory to check
# permissions for actions on objects. This class can be overriden with a
# custom class that implements
# com.liferay.portal.security.permission.PermissionChecker.
#
#permissions.checker=com.liferay.portal.security.permission.SimplePermissionChecker
permissions.checker=com.liferay.portal.security.permission.AdvancedPermissionChecker
#
# Set this to true to configure permission caching to block. See the
# property "ehcache.blocking.cache.allowed" for more information.
#
permissions.object.blocking.cache=false
#
# Configure this threshold to indicate when to use the custom SQL finder to
# check resource permissions.
#
permissions.role.resource.permission.query.threshold=10
#
# Set this to true to enable inline SQL permission checks.
#
permissions.inline.sql.check.enabled=true
#
# Configure this threshold to indicate when to pass in the resource block
# IDs directly to the inline SQL statement and when to use a subselect to
# determine the resource block IDs.
#
permissions.inline.sql.resource.block.query.threshhold=100
#
# Set this to true to use permission checking when reading custom
# attributes by default.
#
permissions.custom.attribute.read.check.by.default=true
#
# Set this to true to use permission checking when writing custom
# attributes by default.
#
permissions.custom.attribute.write.check.by.default=true
#
# Set the following to true to automatically check the view permission on
# parent categories or folders when checking the permission on a specific
# item.
#
# For example, if set to true, to be able to have access to a document,
# a user must have the view permission on the document's folder and all its
# parent folders. Or, to have access to a comment, a user must have the view
# permission on the comments's category and all its parent categories.
#
permissions.view.dynamic.inheritance=true
#
# Set the following to true to enable propagation of permissions between
# models.
#
# For example, when setting the permissions on a specific Wiki node, if you
# assign a role a permission (e.g. DELETE), then the assignment of that
# permission is also propagated to all Wiki pages that belong to that Wiki
# node.
#
# The actual logic of how permissions are propagated among models is
# specified per portlet. See liferay-portlet.xml's use of the element
# "permission-propagator".
#
permissions.propagation.enabled=false
#
# Set this to true if resources should assume that all users have the Guest
# role. Set this to false if resources will not assume that all users have
# the Guest role and, thus, do not automatically inherit permissions that
# belong to the Guest role.
#
# Setting this property to false may require users to grant permissions to
# roles like Site Member and User.
#
permissions.check.guest.enabled=true
##
## Captcha
##
#
# Set the maximum number of captcha checks per portlet session. Set this
# value to 0 to always check. Set this value to a number less than 0 to
# never check. Unauthenticated users will always be checked on every request
# if captcha checks is enabled.
#
captcha.max.challenges=1
#
# Set whether or not to use captcha checks for the following actions.
#
captcha.check.portal.create_account=true
captcha.check.portal.send_password=true
captcha.check.portlet.message_boards.edit_category=false
captcha.check.portlet.message_boards.edit_message=false
#
# Set the engine used to generate captchas. reCAPTCHA uses an external
# service that must be configured independently but provides an audible
# alternative which makes the captcha accessible to the visually impaired.
# See https://www.google.com/recaptcha/admin/create for details.
#
#captcha.engine.impl=com.liferay.portal.captcha.recaptcha.ReCaptchaImpl