I would like to remove anonymous access as a choice for Space admins

I would like to remove anonymous access as a choice for Space admins.Since if a client space admin accidentally selects anonymous user permission, the space is visible to all users who are logged in which is a security breach in our company.

In the global permissions section for anonymous user we have selected as anonymous users can't use confluence, because of which if a page is set as anonymous a non-logged in user is not able to view that page , but a logged in user can access that page

since we have set in the global permissions that an anonymous user can't view confluence then if a space is set as anonymous (non-login user) then that is working fine for anonymous user i.e. an anonymous user is unable to view that page because of global settings.
But the problem is that if a space is set as anonymous accidentally by a client then that space is visible to all other clients(logged in user) which is a security breach for clients.So if this can be prevented then please let us know or if the anonymous option can be removed from the space permissions then please let us know.

If any body can let us know the UI component in which the space permissions section is visible so that from there we can remove the anonymous section     

6 answers

This widget could not be displayed.

I would like to remove anonymous access as a choice for space admins as well...

This widget could not be displayed.

You can use the query - DELETE FROM SPACEPERMISSIONS WHERE PERMGROUPNAME IS NULL AND PERMUSERNAME IS NULL AND SPACEID IS NOT NULL; to clear out any space-level anonymous permissions

In order to prevent space admins to grant this again, you can modify the page templates in the Confluence installation directory and remove the option from the space permissions page altogether.
For this, you will need to modify the following two files, please see the output of the diff commands respectively to see which lines to remove from each file:
<CONFLUENCE-INSTALL>/confluence/spaces/permissions/viewspaceperms.vm
diff viewspaceperms.vm viewspaceperms.vm.save
50a51,54
> <h2 class="steptitle">$action.getText('perms.anonymous')</h2>
> #if ($action.anonymousSpacePermissionWithoutGlobalPermission)
> #parse ("/spaces/includes/anonymous_access_warning.vm")
> #end
51a56,60
> <div class="stepdesc">
> $action.getText("space.anonymous.perms")
> </div>
>
> #showPermissions( ["a"] $action "false")
<CONFLUENCE-INSTALL>/confluence/spaces/permissions/editspaceperms.vm
diff editspaceperms.vm editspaceperms.vm.save
114a115,117
> <h2 class="steptitle">$action.getText('perms.anonymous')</h2>
> <div class="stepdesc">$action.getText('perms.anonymous.desc')</div>
> #showPermissions( ["a"] $action "true")

Please note that:

  • You will need to restart the instance so that the changes are picked up.
  • The modification will not survive an upgrade of the instance, so you will need to port these changes.
This widget could not be displayed.

Thanks Ankur for the reply.

But this is more a hack than a solution... Do some "magic" in the DB and do some "hacks" on some templates that are overwritten again on an update isn't the way I want to go on our production environment...

A built-in solution from Atlassian would be much appreciated... I mean, shouldn't be too difficult to implement...

This widget could not be displayed.

This is a solution provided by atlassian , no other way we have currently

This widget could not be displayed.

I would like a better more native solution from Atlassian as well, possibly an additional option in their global permissions. 

This widget could not be displayed.

Hi Ankur, 

Is there an update on this request? Can you point me to feature request (if there is one yet) for global admins to be able to remove the anonymous permission option in spaces from the Atlassian as a built in solution and not as a "hack"?  We need to be able to remove several permission options from the space permission scheme so that our space admins don't accidentally grant other permissions such as making permission changes they don't understand or accidentally granting anonymous access.  It would be nice if global admins had more control over which permissions they want spaces and space admins to be able to control.  The check mark options just aren't enough.  We need to be able to disable, lock or completely remove from the space permission options. Thanks.

Also with the hard code solution you propose above, would we have to repeat this hack every time we upgraded on server instance? We host on prem. That option would be resource intensive.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted yesterday in Confluence

Why start from scratch? Introducing four new templates for Confluence Cloud

Hi my Community friends!  For those who don't know me, I'm a product marketer on the Confluence Cloud team - nice to meet you! For those of you who do, you know that I've been all up in your Co...

208 views 2 4
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you