Guidelines for setting anonymous access in Confluence. restricting ip address

Confluence 5.10 server.

we have confluence limited to IT dept. we are migrating our wiki pages to conflunce. we have few pages that our business users would need to see. 

i understand that setting up public access will provide access to everyone across confluene. or i can provide space specific anynymous access.

i have q's

1) what are some of the precautions that we need to take(permissions) so that entire world is not seeing our site( we have sensitive material out there)

2) does providing access to public, lets them download any pages/images and documents? is there a way to restrict this ?

3) are there any other workarounds to my issue without consuming licenses?

 

thanks

1 answer

This widget could not be displayed.

1) what are some of the precautions that we need to take(permissions) so that entire world is not seeing our site

Don't enable anonymous access

2) No.  If someone can read a page, they can download/copy/screenshot/capture it.  This is not a Confluence thing, it's the way computers work - to show you something, your computer has downloaded it, so there's a way to save it

3) Make it anonymous but place some form of firewalling between it and the outside world.  I've done "internal network, help yourself, but if you're external, demand username/password for the network (but not Confluence)" before.  I've also seen a few places do ip restrictions, but they are a doddle to get around if you try, so I don't bother recommending them.

okay. makes sense. thanks nic.

another q - so, when an anonymus user hits the URL, does Confluence asks for userid and password. my guess is no but would that depend on any of the server/network configurations ?( im only Confluence Admin, not system admin in my company)

The base url lands them on the dashboard, which typically contains a login section.  You can change that, and have just the dashboard, or even a home page.    Of course, they might be following a link into something that is not the dashboard, but they won't be asked to log in directly.

The option to log in will lurk in the overall framework, with the users (anonymous) profile, and if they hit a page they can't see, a generic "you might be able to see this page if you logged in <link>" will be given to them.  Either way, then they get asked for username and password.

okay. but our username and passwords are synched to our SSO'ids which we use. so, if anonymous users are sent a link and they are asked to login, then would using the SSO consume the license? also, our Confluence permisions (on who can see/do what) flow from JIRA. 

im not sure on how this would work ?

im not clear nic. so, when we add public access to entire site and i share a link to a page with you, will confluence ask you to login ? if so, what would be the userid & password. 

i thought public access meant when i hit a URL link ( like atlassian's confluence), i can just get rerad-only access to the page and navigate around(depending on space level permissions)

is this not the case?

thanks!

I already explained what happens when a non-logged-in user arrives.

SSO twists it a little bit, but not that much.  All that happens with SSO is that a user will be logged in automatically IF they have already logged into another SSO enabled application AND they have a Confluence account.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Monday in Confluence

Why start from scratch? Introducing four new templates for Confluence Cloud

Hi my Community friends!  For those who don't know me, I'm a product marketer on the Confluence Cloud team - nice to meet you! For those of you who do, you know that I've been all up in your Co...

477 views 6 6
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you