Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What's the best way to require login on every page?

David Yu
David Yu
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 4, 2018

I'm interested in securing paths in our Jira & Confluence installations so that there are no anonymously available URLs that will load. 

This means all unauthenticated requests will redirect to the login page.

I don't know if any special considerations will need to be given for TrustedApps.

I poked around Jira and seems there's an actions.xml file where I can specify role-required in several areas. There also seems to be a way to do it via Seraph, and use seraph-paths.xml to define it. 

Answer
Watch
Like Be the first to like this
1629 views

2 answers

1 accepted

2 votes
Answer accepted
Alex Johnson
Alex Johnson April 5, 2018

Hey there, I found your question while looking for similar myself.
I believe this may be what we are looking for.
https://jira.atlassian.com/browse/JRASERVER-65521

View More Comments
David Yu
David Yu
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 5, 2018

Good find! I'll have to give it a try. I'll need to double-check all the path patterns it protects.

Still looking for similar option with Confluence.

Like
Reply
0 votes
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 5, 2018

Do you mean if someone just types a url to an issue or report it will open without being logged on? Unless you've set permissions to 'anyone' that won't happen. 

View More Comments
David Yu
David Yu
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 5, 2018

I mean I wish to guard pages which are open to anonymous users. For example, look at all the Jiras in the wild. I know it's not exposing internal information, but it's still data I don't want exposed to anonymous users.

https://www.google.com/search?q="AboutPage.jspa"

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events