-
Type:
Suggestion
-
Resolution: Unresolved
-
Component/s: Permissions - Anonymous Access
-
None
-
1
-
3
Issue Summary
Default Data security policies for anonymous access are not blocking Confluence anonymous space settings from being changed when the default "Blocked" is used. When using "Allowed" and blocking via Override, it blocks admins from changing the setting and displays a message.
It's important to note that this issue is only about the Confluence Settings for Anonymous Access – despite the settings still being available and able to be enabled for the app/spaces, the DSP still works as expected and blocks any content from being accessed by anonymous when set.
Steps to Reproduce
- Navigate to the admin hub
- Select Security -> Data Protection -> Data Security policy
- Click to view control for Anonymous access and create a Draft
- Select the default configuration to Block anonymous access
- Activate the policy
Expected Results
Selected Confluence spaces should not have the option to allow anonymous access.
Actual Results
Workaround
While the default Blocked configuration does not prevent anonymous access settings from being enabled/disabled in Confluence (despite blocking the content itself correctly), the default Allowed configuration, adding spaces that needs to blocked to the Override, does block the settings in Confluence UI, preventing the App/Space admins from enabling/disabling the AA in the respective container.
- Create a new draft, setting the default configuration to Allowed
- Add a new override with the Blocked configuration
- Select all spaces that need to be blocked
- Activate the policy
Now, when admins for those spaces open "Space settings > Anonymous access", a message will display stating that it's disabled and they should contact their admins for more info.
