Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can we manage read only users and permissions?

Tim Mohrbach
Tim Mohrbach March 9, 2015

Hi,

we are close to changing from our old wiki software to confluence. It's a powerful tool, but we have one major blocker and would like if there is any way around it.

We have some knowledge we need to share among a few hundred users. But it is too highly confidential to share it with anyone on the web.

Means one space requires us to create something like 300 read only users (not authors). But that would require a really big license fee, where we are actually only 8 people editing pages and spaces.

Is there anyway to achieve user logins for read only users for certain spaces without buying the huge license for a few hundred authors?

 

Thank you and best regards

Tim

Answer
Watch
Like Sara Halper likes this
503 views

2 answers

1 accepted

1 vote
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 9, 2015

In order to know what access someone should have, Confluence needs to know who they are.   So they need an account to log into.

Unless you enable "anonymous" (never for any access other than read, of course, or you can't track the activity). 

What you need is the ability to authenticate people, but not identify them.  So that anonymous access can work for authenticated users without them logging in.  There's no way Confluence can do that, so your instinct to reach for something else is spot-on.

I have done this before a few times by using certificates in the Apache front-end.  You give every user (readers and editors) a certificate and that has to be presented before Apache will let them get to Confluence.  Editors then log in as normal to get their edit rights (unless you get a bit more sneaky and replace the Confluence login with something that reads the certificate and pulls out their used account from data embedded in it).

I've not worked with Tomcat Realms, but it does sound like another good way to do it.

View More Comments
Tim Mohrbach
Tim Mohrbach May 28, 2015

tomcat realms with basic authentication and digested passwords was the way to go... I can scale this as far as I like and have full control over who can use the anonymous user to read.

Like
Reply
0 votes
Tim Mohrbach
Tim Mohrbach March 9, 2015

Could the tomcat realms be a possibility to achieve this actually?

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.