Hidden Anonyms and Oblivious Admins in Atlassian Confluence
Confluence is an all-in-one collaboration hub that a lot of companies all over the world consider a must-have tool for teamwork. Confluence allows you to create and edit documents, share plans, use task lists, form your own knowledge base for the teammates and customers. Confluence is also a perfect place for discussions, reviews, and feedback.
So we continue our blog post series that can help you gain the insight about the inner workings of Confluence administration. This blog post as well as the posts listed below will be useful both for novice Confluence administrators and power users who want to become administrators themselves.
- How to quickly make your space read-only.
- What non-visible features the default confluence-administrators group has.
- How to deal with tricky page restrictions.
Today we will show you some Confluence magic. We are ready to perform a trick with anonymous users in Confluence.
Assume you are a new Confluence administrator and your first task is to understand why some users can view and comment the spaces they do not have access to.
Your colleague, Molly Gibney, works in the HR department of your company and has no access to the Sweet Factory space. But the managers were surprised to find a lot of her comments in this space.
First and foremost, you have to check how this issue looks like in the space your colleagues are talking about.
As you can see, Molly Gibney can easily comment the pages in the Sweet Factory space.
Your second thought is that the previous administrator has accidentally added Molly to an inappropriate user group. You know that your company’s managers and engineers use this space for their current projects. So you navigate to the User Management tab.
But everything seems okay there: Molly Gibney belongs to the ‘confluence-users’ and ‘hr’ groups.
The next idea is that the problem is somewhere at the space level. Maybe there was a mistake while allocating group and individual permissions for the ‘Sweet Factory’ space.
You open the space tools tab and see that all the permissions for the groups and individual users are allocated correctly.
Now you have the last thing to check. If Molly has the System administrator permission at the global level, then everything is clear.
You happily navigate to the Global Permissions to find out that Molly Gibney has no individual permissions. And she is definitely not a member of the ‘confluence-administrators’ group (you’ve already checked it).
What is it then? Magic?
Unravelling the mystery
If you think that the situation described above is a ‘bug’ and you need to contact Atlassian support, it is not the case. It is a so-called trick with anonymous users. If you disable anonymous access in Global Permissions but leave public access to the space enabled, anonymous users will not access the space but logged-in users without proper permissions will.
If you check the previous screenshot with the Global Permissions tab once more, you’ll see that anonymous access is disabled globally. But if you return to the Space Permissions tab, you’ll see the following picture.
So all you need to do to solve the problem is to disable anonymous access at the space level.
We illustrated the concept of anonymous access in Confluence for you to have a better understanding of how this works.
Time to learn even more!
We showed you only a small part of what you can do in Confluence. To broaden your knowledge, check out our brand new (and free!) ‘Advanced Permission and Security Management in Atlassian Confluence’ training course for Confluence administrators.
This training course highlights the best practices and useful tricks of Confluence permission and security management. You will learn how to get started using tools that Confluence offers out of the box and discover the most popular apps that will help you power up your Confluence.