Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What could cause an Anonymous log in?

Greg Della-Croce
Greg Della-Croce November 16, 2016

I am a system admin for our Confluence Wiki v5.8.14.   I am having instances of people, who have signed in and had to be verified by our system (LDAP), being identified by Confluence as Anonymous.   I have noticed this in several reports I get that "Anonymous has changed..." or "As Anonymous, you do not have authority to ...".  I have even seen some spaces created and the space owner is Anonymous.

I am wondering how this can occur.  Where do I look for the hole in my system that allows people past my security, or is Confluence being forgetful about who signed in?

Answer
Watch
Like Be the first to like this
218 views

2 answers

0 votes
Greg Della-Croce
Greg Della-Croce November 18, 2016

Marcel,

Thank you for the reply, it has given me some areas to check into.   I had the people in charge of the LDAP look into bind idea.   Bind is not active in our system was their reply (I am not sure I even understand what that is but we do not seem to be using it)

As to Anonymous permissions our default when creating a space is that Anonymous do not have any permissions.  I, however, do not know of a way to check through our 3,000+ spaces to find out if anyone has changed this setting.  We tell them not to, but Admins are like cats sometimes, they know they know better than you do.

I do hope we can solve this problem soon.   I appreciate your help.

Greg

Reply
0 votes
Marcel Woschek
Marcel Woschek
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 16, 2016

If I understand you correctly, you first need to figure out if the anonymous users are verified but corrupt  users or strangers.

Confluence offers anonymous bind for LDAP. So logging in via LDAP will give you anonymous user permissions in Confluence. (see here). Maybe you configured your LDAP like this by mistake.

If this is not the case you might have the wrong permissions on your Confluence. Therefore you have to check the permissions, whether anonymous users are allowed to view, create and edit pages or spaces. If that is the case you need to change this.

Another (but probably unlikely) reason might be a scheduler. At least in my case I developed a custom plugin which creates and edits pages within a job. This job uses an anonymous user account. Maybe you're using a plugin that has a similar behaviour?

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events