Authorisation based on user credentials should be possible via communication between systems, (Confluence and JIRA).

For example, if all anonymous access is denied to a JIRA instance then accessing RSS information via the confluence jiraissues macro requires the username and password to be placed in the URL (a little unsecure). If an organisation considers this too insecure, they cannot share information requiring authorisation between the two systems, even if authentication has taken place.