Have "Anonymous" access disabled by default

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Permissions, Security
    • None
    • 0
    • 1

      Problem Definition

      Anonymous access is enabled by default for new Bamboo installations

      Suggested Solution

      Have anonymous access disabled by default.

      Why this is important

      With the setting enabled, many pages can be accessed without logging in. This could show Bamboo configurations and results to people outside of the organization, potentially creating security issues.

      Workaround

      An admin can deselect/uncheck "Access" for Anonymous users under Admin > Overview > Global permissions and Deployment projects, as follows:

      Site access and Builds

      1. Navigate to Admin >> Overview >> Global permissions
      2. Scroll down to the Anonymous users row (Under Other)
      3. Deselect the "Access" checkbox

      Deployments

      1. Navigate to Deploy >> All deployment projects
      2. For each Project:
        1. Click the Edit (pencil) icon next to one of its Environments
        2. Click the Project permissions button
        3. Scroll down to the Anonymous users row (Under Other)
        4. Deselect the "View" checkbox

            Assignee:
            Unassigned
            Reporter:
            Ellie Z
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: