Confluence : Permissions Changes in 1.2
This page last changed on Aug 23, 2004 by cmiller.
For Swan, changes were made to the way Confluence manages and checks permissions. This document is a guide for anyone migrating from Confluence 1.1.2 or earlier describing why the changes were made, and what this means to existing Confluence installations. Why Change?There were two goals behind changing permissions in Confluence:
What Changed?"Anyone" User RemovedIn Confluence 1.1.3, there was an "Anyone" user, who represented anyone using the system, whether logged in or not. This user was the source of the licensing problem, and no longer exists in Confluence 1.2 Anonymous Permissions AddedConfluence 1.2 has explicit permissions for anonymous users. These permissions are only granted to users who are not logged in. There is nothing stopping an administrator granting some permission to anonymous users, but not granting it to logged-in users. This results in the slightly bizarre possibility that a user might be able to do more before logging in than they can after. Luckily, this is a pretty easy situation for administrators to avoid. Enabling anonymous access has no effect on Confluence's user count for licensing purposes. Guard Permissions AddedThe roles of the "Use Confluence" and "View Space" permissions have been expanded so that now they are required permissions before a user or group can be granted any more rights. Before a user has access to anything in the Confluence server, they must first have "Use Confluence" permission, and likewise before a user has access of any kind to a space, they must first have the "View Space" permission. For licensing purposes, your number of users is equivalent to the number of non-anonymous users with the "Use Confluence" guard permission. Migrating from 1.1 to 1.2Migrating AutomaticallyWhen you upgrade from Confluence 1.1, or when you restore a backup created in 1.1 into Confluence 1.2, an upgrade task will run to automatically migrate your permissions to the new scheme, while keeping them consistent with your 1.1 security settings. The task will make the following changes:
After starting up with the new version of Confluence, we suggest that you check that the permissions have migrated successfully. While we have tested the migration code, maintaining your site's security is important enough to warrant a double-check, just in case. Migrating ManuallyIf the automatic migration does not complete successfully, which would most likely happen if you have removed the "confluence-users" group, you will need to perform the above steps manually, through the user administration interface. |
![]() |
Document generated by Confluence on May 01, 2007 19:28 |