Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-40787

It should be possible to restrict access to the Issue Navigator by anonymous users

    XMLWordPrintable

Details

    • 5
    • 15
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Currently, even if a user is not logged into JIRA, he/she will still be able to access the Issue Navigator using the URL: http://<JIRA_URL>/issues/?jql=/.

      Steps to reproduce:

      1. Setup a JIRA instance.
      2. Try to go to the Issue Navigator URL (for example: http://localhost:8080/issue/?jql=)
      3. Even if you are not logged in, you will still be able to see the issue navigator.

      There are customers who share their filters with everyone, and having the Issue Navigator URL publicly accessible allows for any user to browse those filters and see the filter owner name, for instance.

      Although this is the expected behaviour, it would be helpful to have the possibility of restricting access to the Issue Navigator (e.g. in the General Settings) so that anonymous users are redirected to a login page.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              dconrad Danilo Conrad
              Votes:
              26 Vote for this issue
              Watchers:
              24 Start watching this issue

              Dates

                Created:
                Updated: