The new OIDC authentication enhancement uses the OIDC “sub” (subject) claim to identify users instead of relying on email addresses. Since the “sub” claim is a unique and permanent identifier assigned by the identity provider, it ensures consistent and reliable user recognition even if a user’s email changes or multiple providers share the same address. This improves account stability, reduces login mismatches, and enhances overall security and user experience.

Key Benefits:

• Reliable user identification: Ensures consistent recognition of users even if their email address changes.

• Eliminates account mismatches: Prevents conflicts caused by identical email addresses across different identity providers.

• Improved security: Uses the permanent and unique OIDC “sub” claim, reducing the risk of identity errors.

• Better user experience: Provides seamless authentication and minimizes login or access issues.

We created an API for allowing the user to access the OIDC accessToken from the DB by enabling the serviceLocator

The FF changes from Released to GA

The FF changes from Released to GA

The FF changes from Released to GA

Configuring Content Security Policy Headers - Liferay Official Documentation

A new, streamlined experience for managing your SSL certificates in Liferay Cloud. New status messages and alerts provide more transparency and control over your certificate lifecycle, helping you to proactively manage your domains and avoid costly downtime.

With the new Enhanced Certificate Management Experience, you'll be alerted if a certificate is misconfigured, has expired, or has been successfully renewed. Giving you a better understanding if any immediate action is required. We've also added a new "Renewal Status" column to the SSL Certificates tab, giving you at-a-glance visibility into the health of your certificates. This will empower you to identify and troubleshoot issues on your own, reducing the need for support tickets and giving you more control over your environment.

Key Benefits:

• Better visibility on certificate status.

• Better understanding of actions required in a specific certificate.

• Improved troubleshooting experience for certificate renewal errors.

We have implemented a new translation status feature in the web content editor, labeled "Translating," which provides information about the number of translated fields and those still requiring translation. This feature helps users to quickly identify areas needing translation. Additionally, all translatable fields, including metadata, are now conveniently displayed on the left side of the screen, reducing the likelihood of overlooking them.

Users can readily spot content that is not visible to Guest users through an icon, whether it's in list or table view or within the web content editor. Additionally, this feature is accessible in the item selector, empowering users to discern which content is not viewable by Guest users.

You can now have access to the event’s details when selecting a calendar event and be redirected to the already existing details page of that particular event. It is also possible to map a Calendar Event’s specific URL, along with some other fields, in order to use it in emails so the recipient can click on it and be redirected to the Event’s details.

Now it is possible to easily identify the content you have created and any recent content you generated. This enhancement streamlines and optimizes this workflow.

Easily configure the friendly URLs for the different asset types, updating URL separators. In addition to that, now users are able to set categories within a blog’s friendly URL and easily identify by the URL what is the main topic of the page they are visiting.

This feature aims to refine the Analytics Cloud Usage Page. Alongside UI enhancements for a better user experience, we focused on enhancing data accuracy and real-time precision. Our efforts aimed to eliminate data discrepancies and prioritize transparency for the users.

Key Changes:

1. To promote pricing transparency, we removed the outdated prices from the Workspace settings and implemented a clear message prompting users to reach out to their Customer Success Manager for information on upgrading their plan.

2. Aiming to simplify the interface and highlight pertinent subscription details, some changes were made to the UI of the Subscription and Usage menu, focusing on displaying relevant information to the customer related to their current plan.

We're introducing advanced script loading options for JavaScript Client Extensions in Liferay, providing developers more control over how JavaScript is applied to pages. This update allows the specification of async and defer attributes directly in the extension's configuration, optimizing the loading process and improving page performance.
Benefits for users:

• Improved Page Load Performance: by setting async or defer attributes, scripts can be loaded non-blocking, enhancing page responsiveness.
• Enhanced Control: developers can pre-set these attributes in the YAML configuration or through the UI, ensuring scripts behave consistently across all pages without further adjustment.
• Streamlined Configuration: once set, these attributes are locked at the extension level, eliminating discrepancies and simplifying script management.

Allow developers to specify additional attributes to the <script> tag when deploying in with the JS Client Extension.

Example usage in client-extension.yaml: liferay-portal/workspaces/liferay-sample-workspace/client-extensions/liferay-sample-global-js-2/client-extension.yaml at master · liferay/liferay-portal

    scriptElementAttributes:
        async: true
        data-attribute: "value"
        data-senna-track: "permanent"
        fetchpriority: "low"

Or, developers can configure the attributes via the create Client Extension UI too:

When configuring a JS CX on a page and async/defer Boolean attributes are present in the CX (set in the yaml / defined through the UI), the following behaviors apply in regards to the Load type options:

1. The attribute set in the CX will be used and the ability to change it when applying it on a page will be disabled.
2. When both attributes are set in the CX, async will be applied.
3. When async or defer is set to false in the CS, the related option will be removed from the Load selector. (e.g. if defer: false the load options available for the user will be default and async).

This feature introduces the capability to connect Liferay Objects with SugarCRM Objects, empowering users to synchronize and store their data efficiently between the two platforms. By bridging these systems, users can streamline their workflows, enhance data consistency, and leverage the robust features of both Liferay and SugarCRM.

Users can now, with low effort, connect their Liferay and SugarCRM environments, eliminating the need for manual data transfers and reducing the risk of errors. This enhancement not only simplifies data management but also enhances the overall user experience by providing a cohesive and integrated ecosystem for managing customer data.

We have improved the behaviour of an existing configuration to be able to properly publish a child page in a Staging process to Live site without its parent(s). This also improves the performance of publishing changes.

It is now possible to select Date Times as a product option type, configuring purchase options for products based on date, times, time zones, and durations, allowing for the sale of time slots.

Manage contacts directly related to accounts like phone numbers, emails, websites, addresses.

A new Contact Tab in Account details page with 2 internals tabs was created:

1. Addresses
2. Contact Information

Users with “Accounts > Account Entry: Manage Addresses” permission should be able to manage their contacts with all these actions:

• Add
• Edit
• Remove
• Mark as primary

Example of managing a phone number:

Users without “Accounts > Account Entry: Manage Addresses” permission should be able to only view the existing phone number entries.

The Server Administration interface provides powerful tools for controlling the server. As an added layer of security, CAPTCHA is now required for actions in Server Administration pages and the Gogo Shell page. Due to the sensitive nature of these controls, the system will still enforce CAPTCHA on these pages, even if the “Maximum Challenges” configuration is set to a negative number.

To create Sign In, Forgot Password, and Create Account utility pages, it's necessary for these three views of the Login portlet (i.e., Sign In widget) to be available as individual widgets, which can be placed on pages separately. As a result, Sign In, Forgot Password, and Create Account are now accessible as separate widgets.

It's worth noting that the Sign In widget retains its previous functionality.

We aimed to facilitate seamless navigation between various Utility pages, whether there are multiple or just one.