Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

users who are logged in but unknown to site are not treated as anonymous

Brian M Thomas
Brian M Thomas July 12, 2017

There are a couple of other questions on this, but neither covers my situation.

A user that was logged in with an Atlassian ID but unknown to my site found that he couldn't access it unless he logged out.

He was not a member of any group, because he wasn't registered as a user on my site.  In this case, he should have been treated as anonymous because his authentication as an Atlassian ID user is irrelevant to me since I don't know him.  

Other questioners have been told that the users group needed to be given "Use Confluence" permission, but this user is not a member of that group. In any case, I can't give that group the proper permissions.

Answer
Watch
Like Be the first to like this
368 views

1 answer

2 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 12, 2017

I think this is a problem with the Atlassian accounts idea. 

Atlassian knows someone is logged in, so Cloud thinks they are too.  Then it looks at your permissions and decides the user can't see anything.  But because they're logged in, they are not anonymous.

I think that's quite a significant bug in Confluence.  It's the same root cause of a problem in both Server and Cloud systems too.  When you have a space that allows access to group X and anonymous, then someone in group Y (but not X) logs in, they can't see the space, because they're not anonymous.  Logging out gives them access.

View More Comments
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 13, 2017

Related to our old friend: Allow unlicensed, authenticated users to have anonymous read only access

Like
Brian M Thomas
Brian M Thomas July 19, 2017

Ann:

Thank you for that issue reference; I'll be sure to follow it.

The reason that I posted this one despite the existence of other related ones is that I view the situation in a slightly different light.

The mistake Atlassian have made is to assume that the sites all share the namespace managed by the Atlassian ID service, as in any enterprise SSO arrangement.  They don't; each shares only that subset of the namespace of which it is aware, and users cannot be considered "logged in" to my site solely because they are "logged in" to another site.  As far as my site is concerned, they are unnamed, because they don't have a name that it recognizes.

Many authentication schemes have foundered on this mistake, because they didn't recognize that just because another site knows you as "Bob" doesn't mean anything to me if I don't know "Bob" from Adam, so to speak.

 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events