XML

Word

Printable

Details

Type: Story
Status: Closed
Priority: Minor
Resolution: Completed
Affects Version/s: None
Fix Version/s: 7.4.13 DXP U66, Master
Component/s: Information Security > Cookie Preference Settings
Labels:
- beyond_7.4
- beyond_7.4-must
- fc_22_03
- fc_22_04
- fc_22_05
- fc_22_06
- fc_22_07
- fc_22_08

Epic Link:
Support cookie compliance with GDPR
Sprint:
AppSec Iteration 83, AppSec Iteration 84, AppSec Iteration 85, AppSec Iteration 86, AppSec Iteration 87, AppSec Iteration 88, AppSec Iteration 89, AppSec Iteration 90, AppSec Iteration 91, AppSec Iteration 92, AppSec Iteration 93

Description

Motivation

We want to have a built in feature of cookie handling with which it's possible to make the site within the portal be GDPR compliant. This story is about the server side cookie handling.

Design

This story doesn't have design aspect. The design is here to have a reference for the configuration.

https://www.figma.com/file/BFiKtvHk2qJqdI7FqAt4wC/?node-id=141%3A20553

Acceptance Criteria

AC-1
- Given that the Site Administrator has enabled (activated) the cookie preference handling for the site
- When a feature, function needs to add, modify or delete a cookie in the server side logic (Java)
- Then all the relevant configuration and end user preference must be taken into consideration.

See the description of the sub tasks for further AC list.

Attachments

Issue Links

depends on

LPS-148285 As a Site Administrator, I want to configure a GDPR compliant cookie preference handling in my site

Closed

LPS-148317 As a Site Administrator, I want the End User's cookie preferences to be considered at managing cookies on client (Javascript) side

Closed

is related to

LPS-133584 SameSite policy control for default Liferay cookies

Under Review

LRDOCS-10732 End User cookie preferences

Ready For Documentation

mentioned in: Page Loading...; Page Loading...

(1 mentioned in)

Sub-Tasks

1.	[Dev] Storing cookies' information in database	LPS-148331	Closed	SE Support
2.	[Dev] All the cookies must be stored through the same internal API	LPS-148333	Closed	SE Support
3.	[Dev] Check the cookie preferences for cookie management on server side	LPS-148334	Closed	Brian Chan
4.	[Doc] Documentation of the Story: As a Site Administrator, I want the End User's cookie preferences to be considered at managing cookies on server side	LPS-148335	Closed	Zsigmond Rab
5.	[Release] Release / Feature flag and app.bnd	LPS-148336	Closed	Tamas Molnar (Inactive)
6.	[Test] Plan to write tests	LPS-148337	Closed	Tamas Molnar (Inactive)
7.	[Dev] All the cookies must define their category and pass that to the API	LPS-148734	Closed	SE Support
8.	[Test] Add new integration tests to the security test suite	LPS-153814	Closed	Gábor Lovas
9.	[Dev] Consider cookies OSGI config	LPS-153901	Closed	Tamas Molnar (Inactive)
10.	Refining the cookie handling in the Servers side API	LPS-155321	Closed	Gábor Lovas
11.	[QA] Add new functional tests to cover implicit and explicit flows	LPS-159220	Closed	Gábor Lovas
12.	[QA] Add new manual exploratory test cases	LPS-159221	Closed	Gábor Lovas

Activity

People

Assignee:: Zsigmond Rab

Reporter:: Zsigmond Rab

Engineering Assignee:: Tamas Molnar (Inactive)

Recent user:: Nóra Szél

Participants of an Issue:: Gábor Lovas, Mauro Mariuzzo, Tamas Molnar, Zsigmond Rab

Backend Developer(s) Assigned:: Tamas Molnar (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Feb/22 8:24 AM

Updated:: 28/Feb/23 4:53 AM

Resolved:: 03/Aug/22 7:03 AM

Packages

Version	Package
7.4.13 DXP U66
Master