Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Can I block all forms of Anonymous Access to Private Spaces, regardless of any other configuration ? Edited

As an Admin, can I, at the same time:

- allow 'Anonymous Access' to the website (ie. to _some_ spaces),

- allow co-workers to create their own Private Spaces,

- and yet, forbid co-workers to share any content from their Private Space on the World Wide Web (ie. no Anonymous Access allowed to Private Spaces) ?

1 answer

1 accepted

0 votes
Answer accepted
Ismael Jimoh Community Leader Sep 08, 2019

Hi @p19z 

Yes this is possible.

You will need to:

  1. Set Confluence to allow anonymous
  2. Set default Global Space permissions that does not allow anonymous to access all spaces 
  3. Set each space that need anonymous access to grant the required access
  4. Create a process that is followed by all private space owners which requires them to not change the space permission to allow anonymous access. (You can as the confluence admin manually access these spaces and ensure the permission is set correctly)

with these in place private spaces should not show up on the web.

Cheers.

Hi, thanks for the answer. I was actually thinking about something that would be a policy enforcement (and wouldn't need a process, a warning, nor any monitoring).

In fact, ideally, users should not be able to share their private profiles (or any page within it) with anybody outside of a specific group. Let's say that only "all-mycorp-colleagues" would be able to create and view Private Spaces and users from this group would only be able to add restrictions on their private pages; and *not* be able to broaden their audience (well, at least not without publishing into a dedicated Space that allows viewing from other audiences such as users registered to other groups, or even world-wide viewing).

I ask this because Management is concerned with Security -- eg. accidental sharing -- and would rather disable Private Spaces completely. Which is a shame.

(Deleted duplicate comment, see below).

(Deleted duplicate comment, see below).

Hi again,

 

I have a coupe sub-questions before I can close this topic.


In your answer, @Ismael Jimoh , I don't understand the sentence "Set default Global Space permissions that does not allow anonymous to access all spaces"; I am not sure where and I don't know how to do this.

1/ Where? => I assume that you meant the global "Default Space Permissions" (ie. https://MYCORPNAME.atlassian.net/wiki/admin/permissions/doeditdefaultspacepermissions.action ). That makes sense, ok.

2/ How? => I don't understand "how" because "Anonymous" isn't a group, and I don't see how could I create one like that. The only explanation is that this is already the default, in which case I don't understand why do you say that I have to do something about it.

2b/ Also the "view" setting, is for "All". As you can see on the screenshot below, there is no section "Private Spaces", let alone a setting for configuring who can "view" them.


BONUS QUESTION:

What is this group called "trusted-users-85aee5dc-aa8c-4e6d-86f9-69c7cf1c7e73" ?! It doesn't appear in the groups administration page...


ILLUSTRATION:

190911- Space Permissions - Confluence.png

Cheers,
P.

Ismael Jimoh Community Leader Sep 17, 2019

Hi,

So currently, the default space permission does not allow anonymous users access. 

Meaning when a new space is created by default(including personal spaces), then Anonymous users should not be able to see the pages by default.

The problem is you still need to inform your users not to change the space permission for individual spaces they administrate(they have the permission to administrate their own spaces or any spaces they are granted admin privileges to).

Anonymous is default to confluence. It is in-built into the application to allow non-license holders to access contents that are shared with them by the Confluence admin. For example when using confluence as a knowledge base for a support system, you may want to set the space permission to allow anonymous users the ability to view certain pages that help them solve issues on their own.

Also remove from all spaces that you do not want anonymous access, any anonymous users.

Screenshot 2019-09-17 at 17.48.06.pngThe above can be found under Global Permission page. Just above the Space permission in the image you shared. You can also prevent anonymous users access entirely if need be from here as this is controlled by the Confluence Admin only.

Cheers.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

What do you think is the most *delightful* Confluence feature? Comment for a prize!

- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...

494 views 24 9
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you