This app has been archived

You may still get support information and download previous versions of this app. Learn more.
Last modified 2022-08-02 2158 downloads By codecentric AG

Support

To check known issues (or if you want to file one), view this app's issue tracker.


To learn more about the app, you should:

Description

Protect filters which are shared with all users


Accessing such filters (Example: https://your-jira-domain.com/secure/ManageFilters.jspa) redirects to the login form. Saved filters, filter owner incl. mail adress will be protected.



Protect dashboards which are shared with all users


Accessing your Jira dashboards (Example: https://your-jira-domain.com

/secure/ConfigurePortalPages!default.jspa) redirects to the login form. Popular dashboard won't be shown to any anonymous user anymore.



Redirecting all requests to the login form


Next to popular filters and dashboards also the quicksearch and other content requests from your Jira instance will be redirected to the login form.



More details


Dashboards and filters can be shared with anyone. This also includes users which are not logged in (the "famous" anonymous users). This issue is opend and discussed here: https://jira.atlassian.com/browse/JRA-23255

While Jira displays a warning message that such sharing may not have the intended consequences it is so far impossible for an admin to prevent the sharing or access without patching the Jira source code.

A second problem is the quick search which can also be executed by an anonymous user and depending on the settings in the projects may or may not show some issues.

The "Prevent Anonymous Access" add-on prevent these redirecting any requests to the login form.

There is also a configurable whitelist to allow specific requests without login, for example to integrate with other tools.

Version history