It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Can I restrict login rights to specific users and groups in Confluence?

Doug Hughes Nov 20, 2015

I have Confluence configured to use JIRA as it's user repository.

Observation: All users in the JIRA repository appear to be allowed to log in to Confluence, though they don't have rights to see anything by default.

Desire: I would like to prevent anyone not explicitly granted login permission from logging in. Is this possible?

1 answer

1 accepted

0 votes
Answer accepted
Nic Brough [Adaptavist] Community Leader Nov 20, 2015

Yes.  Go to global permissions in both JIRA and Confluence and look at the "can use" permission - that determines what groups can log into each of them.

I suspect you will find it names "jira-users" in both - you'll want to remove that from confluence and replace it with a group such as "confluence users"

 

Doug Hughes Nov 23, 2015

I'm not seeing what you describe. In Jira I have these relevant groups configured: jira-users (3 users), jira-administrators (1 user), confluence-users (0 users), and confluence-administrators (0 users). In Confluence I have one user ("admin") assigned to the confluence-administrators and confluence-users group. Looking at the global permissions page in Confluence, only the confluence-administrators and confluence-users groups have "can use" checked. Individual users and anonymous users are not given access. However, any user in the Jira directory is being allowed to log in to Confluence. They see a page that says "You are not permitted to perform this operation.", though they ARE logged in. I'm concerned that this will waste one of my user licenses in Confluence.

Doug Hughes Nov 23, 2015

If I look at the user who logged in I can see their Last Login date is just a few moments ago, even though they shouldn't have access to Confluence.

Nic Brough [Adaptavist] Community Leader Nov 23, 2015

The login date is not that important, and it happens even when you don't have access. If you try to log in (and that can be from an addon or linked page), if it finds you in the directory, it's a login, even if it then goes on to say "ah, but you can't actually use me". Bit of a pain to be honest. The thing to check is the number of active users in each system - if you look at the system info page it should tell you how many *active* users you have. When you're counting these, bear in mind the rules: - It *is* "this user can log in" - It de-duplicates accounts - if you are in three groups that allow login for some reason, then you will only count once - Inactive users can be flagged in the user maintenance, but still appear in the login groups - "can use" is the most important permission, but *admin* users can always log in too, and hence they always count. Even if they don't exist in the users group, they can log in. I would expect your JIRA to show 3 users (I am assuming that your admin is in both jira-administrators and jira-users) and Confluence to show just 1.

Doug Hughes Nov 23, 2015

Yea, I confirmed the license usage is being reported as I'd want it to be, so that's good. I just don't really like being able to log in when you can't really use the system. No access should literally mean no access.

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Confluence

6 Awesome Ways to Apply Trello, JIRA and Confluence to your Project

I attended  Atlassian Summit 2019  and learned a lot from the presenters, attendees and knowledgeable Atlassian product managers. The presentations I attended focused on applying Agile, pla...

911 views 6 17
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you