People who are not logged in can see and comment as anonymous on tickets. This is a big security risk for us and our clients. I only want access for logged in users.
I tried in both Safari and an incognito window in Chrome and I am able to see the full ticket without being logged in.
Change the permission scheme(s). Remove the "group" called "anonymous" from all inappropriate permissions
(Frankly, that's all of them other than "browse" for a start, and "browse = anonymous" is only for certain types of public project too)
Completely understand, but I don't share emails in public (so much spam already). Could you try it with a clean browser? If you've got Chrome or Firefox, there's an "anonymous browse" option which will not carry any login details even if you've got a normal session running - that's more than good enough to do this test.
If you can then see the issue without any login, the next step is to be 100% sure there is no "anyone" in the permissions for that one project, then visit https://support.atlassian.com to raise the issue with them. It sounds very broken to me, and quite a security hole, so I'd expect quite a swift response.
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
A picture tells a thousand words. And agility boards have just released their latest feature: cover images on issues – so now your board can tell a story at first glance. Upload attachmen...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG