Secure your Jira server by only serving logged in users
Secure your Jira server by only serving logged in users
Secure your Jira server by only serving logged in users
Protect filters which are shared with all users
Protect dashboards which are shared with all users
Redirecting all requests to the login form
Accessing such filters (Example: https://your-jira-domain.com/secure/ManageFilters.jspa) redirects to the login form. Saved filters, filter owner incl. mail adress will be protected.
Accessing your Jira dashboards (Example: https://your-jira-domain.com
/secure/ConfigurePortalPages!default.jspa) redirects to the login form. Popular dashboard won't be shown to any anonymous user anymore.
Next to popular filters and dashboards also the quicksearch and other content requests from your Jira instance will be redirected to the login form.
More details
Dashboards and filters can be shared with anyone. This also includes users which are not logged in (the "famous" anonymous users). This issue is opend and discussed here: https://jira.atlassian.com/browse/JRA-23255
While Jira displays a warning message that such sharing may not have the intended consequences it is so far impossible for an admin to prevent the sharing or access without patching the Jira source code.
A second problem is the quick search which can also be executed by an anonymous user and depending on the settings in the projects may or may not show some issues.
The "Prevent Anonymous Access" add-on prevent these redirecting any requests to the login form.
There is also a configurable whitelist to allow specific requests without login, for example to integrate with other tools.
Reviews for cloud
(19)Sign in to write a review
The whitelist has been made configurable with version 2.0. This should increase the chances that the add-on is useful in your case.
About filtering based on the IP address: a nice idea which hasn't come to my mind.
Reviews for server
(19)Sign in to write a review
Hi Michael,
thanks for your feedback. May I ask you to provide some more details via our service desk customer portal.
https://jira.codecentric.de/projects/APP/queues/custom/6
I need to understand how you want to use the service desk. What are the Urls you want to access in an anonymous way. What regular expressions are you using for the whitelist entry and finally what are the project roles and permission settings.
Thanks for your support,
Cheers
Heiko
Product Owner at Codecentric
Reviews for Data Center
(19)Sign in to write a reviewThe whitelist has been made configurable with version 2.0. This should increase the chances that the add-on is useful in your case.
About filtering based on the IP address: a nice idea which hasn't come to my mind.
Cloud Pricing
Server Pricing
Data Center Pricing
Basic support resources are available for this app.
Vendor support resources
Find out how this app works.
Atlassian-hosted discussions connect you to other customers who use this app.
Versions
Version 3.0.0 • Jira Server 6.4 - 8.3.4 • Released 2019-03-11
Summary
Compatibility with Jira 8.0.0
Installation
- Log into your Jira instance as an admin.
- Click the admin dropdown and choose Add-ons. The Manage add-ons screen loads.
- Click Find new apps or Find new add-ons from the left-hand side of the page.
- Locate Prevent Anonymous Access via search. Results include app versions compatible with your Jira instance.
- Click Install to download and install your app.
- You're all set! Click Close in the Installed and ready to go dialog.
To find older Prevent Anonymous Access versions compatible with your instance, you can look through our version history page.
Similar apps
