Someone else can step in and correct me if I'm wrong, but I decided to explore this a little. However, it's very possible I do not understand how auth works with Confluence (or with servers in general), so take this for what it's worth (almost nothing).
If you request the admin URL:
Now turn on your network monitor (in my case, I used Chrome's Network tab), enter your password, and click "Confirm".
Then look at the request, it looks like it is NOT encrypted. Here's a dump of my request. The password is in the form data, in plain text:
Request URL:http://yoursite.com/confluence/doauthenticate.action Request Method:POST Status Code:200 OK Request Headers Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 Accept-Encoding:gzip,deflate,sdch Accept-Language:en-US,en;q=0.8 Cache-Control:max-age=0 Connection:keep-alive Content-Length:82 Content-Type:application/x-www-form-urlencoded Cookie:confluence.browse.space.cookie=space-pages; <snip> Host:yoursite.com Origin:http://yoursite.com Referer:http://yoursite.com/confluence/authenticate.action?destination=/admin/console.action User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5 Form Data password:PASSWORD authenticate:Confirm destination:/admin/console.action
Everything below is tested on Ubuntu 17.10. I prefer to use Jira in a docker container because: 1. I can install Jira with a couple of commands. 2. I can start and stop Jira just by starting and s...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot