Confluence 5.10 server.
we have confluence limited to IT dept. we are migrating our wiki pages to conflunce. we have few pages that our business users would need to see.
i understand that setting up public access will provide access to everyone across confluene. or i can provide space specific anynymous access.
i have q's
1) what are some of the precautions that we need to take(permissions) so that entire world is not seeing our site( we have sensitive material out there)
2) does providing access to public, lets them download any pages/images and documents? is there a way to restrict this ?
3) are there any other workarounds to my issue without consuming licenses?
1) what are some of the precautions that we need to take(permissions) so that entire world is not seeing our site
Don't enable anonymous access
2) No. If someone can read a page, they can download/copy/screenshot/capture it. This is not a Confluence thing, it's the way computers work - to show you something, your computer has downloaded it, so there's a way to save it
3) Make it anonymous but place some form of firewalling between it and the outside world. I've done "internal network, help yourself, but if you're external, demand username/password for the network (but not Confluence)" before. I've also seen a few places do ip restrictions, but they are a doddle to get around if you try, so I don't bother recommending them.
okay. makes sense. thanks nic.
another q - so, when an anonymus user hits the URL, does Confluence asks for userid and password. my guess is no but would that depend on any of the server/network configurations ?( im only Confluence Admin, not system admin in my company)
The base url lands them on the dashboard, which typically contains a login section. You can change that, and have just the dashboard, or even a home page. Of course, they might be following a link into something that is not the dashboard, but they won't be asked to log in directly.
The option to log in will lurk in the overall framework, with the users (anonymous) profile, and if they hit a page they can't see, a generic "you might be able to see this page if you logged in <link>" will be given to them. Either way, then they get asked for username and password.
okay. but our username and passwords are synched to our SSO'ids which we use. so, if anonymous users are sent a link and they are asked to login, then would using the SSO consume the license? also, our Confluence permisions (on who can see/do what) flow from JIRA.
im not sure on how this would work ?
im not clear nic. so, when we add public access to entire site and i share a link to a page with you, will confluence ask you to login ? if so, what would be the userid & password.
i thought public access meant when i hit a URL link ( like atlassian's confluence), i can just get rerad-only access to the page and navigate around(depending on space level permissions)
is this not the case?
I already explained what happens when a non-logged-in user arrives.
SSO twists it a little bit, but not that much. All that happens with SSO is that a user will be logged in automatically IF they have already logged into another SSO enabled application AND they have a Confluence account.
I attended Atlassian Summit 2019 and learned a lot from the presenters, attendees and knowledgeable Atlassian product managers. The presentations I attended focused on applying Agile, pla...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events