Is there any way to chance the System Dashboard to only be shared with logged-in users?
Right now its set to shared with public, and the system dashboard is not listed under System > Shared Dashboard.
I am not aware about it, but would be strange, because it is a system dashboard, owned by the System and Shared with everyone.
Nevertheless, the shown information depends on the permissions the especific user has. So, because we use the Mode Private, one needs to log in to see any information.
I can see the system dashboard under Global Administration / System / User Interface
Still lists the System Dashboard for anonymous users. We do not have any anonymous users and don't see a reason to make this action/page available to Public.
So what I did was modify the ConfigurePortalPages action in the JIRA-INSTALL/atlassian-jira/WEB-INF/classes directory:
In a secure configuration of Jira there shouldn't be any possibility of information disclosure.
Also, I know the modification of these Jira classes is not supported by Atlassian, but I see no other option.
We were just made aware of public access dashboards and views being a security risk:
How do we change the view? I do not see a way to change the public access view to any logged in user. Help?
Learn how to use two new reports for next-gen projects in Jira Cloud: Cumulative flow diagram and Sprint burndown chart. Ivan Teong, Product Manager, Jira Software, demos the Cumulative ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events