Prevent Anonymous Access

for Jira Server 6.4 - 8.17.1 and more
93 installs
  • Unsupported
Free app

Secure your Jira server by only serving logged in users

Protect filters which are shared with all users

Accessing such filters (Example: https://your-jira-domain.com/secure/ManageFilters.jspa) redirects to the login form. Saved filters, filter owner incl. mail adress will be protected.

Protect dashboards which are shared with all users

Accessing your Jira dashboards (Example: https://your-jira-domain.com

/secure/ConfigurePortalPages!default.jspa) redirects to the login form. Popular dashboard won't be shown to any anonymous user anymore.

Redirecting all requests to the login form

Next to popular filters and dashboards also the quicksearch and other content requests from your Jira instance will be redirected to the login form.

More details

Dashboards and filters can be shared with anyone. This also includes users which are not logged in (the "famous" anonymous users). This issue is opend and discussed here: https://jira.atlassian.com/browse/JRA-23255

While Jira displays a warning message that such sharing may not have the intended consequences it is so far impossible for an admin to prevent the sharing or access without patching the Jira source code.

A second problem is the quick search which can also be executed by an anonymous user and depending on the settings in the projects may or may not show some issues.

The "Prevent Anonymous Access" add-on prevent these redirecting any requests to the login form.

There is also a configurable whitelist to allow specific requests without login, for example to integrate with other tools.

Privacy and security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's vendor.

Vendor privacy policy

Security

This app is not part of the Marketplace Bug Bounty program. Learn more

Resources