users who are logged in but unknown to site are not treated as anonymous

There are a couple of other questions on this, but neither covers my situation.

A user that was logged in with an Atlassian ID but unknown to my site found that he couldn't access it unless he logged out.

He was not a member of any group, because he wasn't registered as a user on my site.  In this case, he should have been treated as anonymous because his authentication as an Atlassian ID user is irrelevant to me since I don't know him.  

Other questioners have been told that the users group needed to be given "Use Confluence" permission, but this user is not a member of that group. In any case, I can't give that group the proper permissions.

1 answer

2 votes

I think this is a problem with the Atlassian accounts idea. 

Atlassian knows someone is logged in, so Cloud thinks they are too.  Then it looks at your permissions and decides the user can't see anything.  But because they're logged in, they are not anonymous.

I think that's quite a significant bug in Confluence.  It's the same root cause of a problem in both Server and Cloud systems too.  When you have a space that allows access to group X and anonymous, then someone in group Y (but not X) logs in, they can't see the space, because they're not anonymous.  Logging out gives them access.


Thank you for that issue reference; I'll be sure to follow it.

The reason that I posted this one despite the existence of other related ones is that I view the situation in a slightly different light.

The mistake Atlassian have made is to assume that the sites all share the namespace managed by the Atlassian ID service, as in any enterprise SSO arrangement.  They don't; each shares only that subset of the namespace of which it is aware, and users cannot be considered "logged in" to my site solely because they are "logged in" to another site.  As far as my site is concerned, they are unnamed, because they don't have a name that it recognizes.

Many authentication schemes have foundered on this mistake, because they didn't recognize that just because another site knows you as "Bob" doesn't mean anything to me if I don't know "Bob" from Adam, so to speak.


Suggest an answer

Log in or Sign up to answer
Community showcase
Published Tuesday in Confluence

Confluence Admin Certification now $150 for Community Members

More and more people are building their careers with Atlassian, and we want you to be at the front of this wave! Important Dates Start the Certification Prep Course by 2 April 2019 Take your e...

192 views 2 10
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you