Confluence 6 directory sequence will affect

Others 2022-04-21 02:31:28 views: 0

This section will describe the impact of the user directory sequence on logins and permissions, as well as updating users and user groups.

Log in

The impact of the ordering of user directories in the user login system is very important, especially when a user with the same username exists in multiple directories. When a user logs in to the system, the system will search for the user name entered by the user according to the order of the user directory in the system, and at the same time search the password of the first found user and the password entered by the user when the user logs in to the application. Contrast, use this comparison to determine whether the user's login information is correct.

permission

Aggregate members (default)

The order of the user directories is not very important when using Confluence based user composition membership by default to aggregate users . If a user exists in multiple user directories, the application will aggregate (merge) the user's permissions in all directories,

E.g:

  • You have connected 2 directories: the customer directory and the partner group directory.
  • The customer directory comes first in the directory sequence.
  • A jsmithusername exists in both the customer directory and the partner directory.
  • jsmithThe user with username is G1 a member of the user group (in the customer directory) and is also a member of the G2user group (in the partner directory).
  • Then members of the username jsmith  will automatically have both G1and G2permissions, regardless of the sequence of the two directories.

Admin updates for Confluence 5.7 and later:

Permissions for user group membership in multiple directories updated (eg, LDAP, Active Directory, Crowd) in Confluence 5.7. Group membership will not be merged from all directories and will only exist in the first occurrence of the user directory. In the vast majority of cases, this modification has no effect on the user only being present in one directory or if the user's directory is synchronized correctly. In some extreme cases, user group members are not fully synced, which will automatically grant the user permission to view the space (if the user belongs to a user group member that was ignored by Confluence during the previous synchronization process).

 Here is an example situation...

Members that cannot be merged

It is possible to tell Confluence not to merge group members using the REST API, please refer to the following configuration:

 Turning on non-aggregating membership...

If you have chosen not to merge user members, the user's directory sequence will be important. If the user's user group information exists in multiple user directories, the user group to which the user belongs will appear in the user that appears for the first time in the user directory, which is set based on the sorting of the user directory.

E.g:

  • You have connected 2 directories: the customer directory and the partner group directory.
  • The customer directory comes first in the directory sequence.
  • A jsmithusername exists in both the customer directory and the partner directory.
  • jsmithThe user with username is G1 a member of the user group (in the customer directory) and is also a member of the G2user group (in the partner directory).
  • Then members of the username jsmith  will only have G1the permissions of , ignoring G2the permissions of .

Update users and user groups

If you update a user or user group through the system's administrator interface, the update will only be written to the first user group that the system has write access to.

Example 1:

  • You have connected 2 directories: the customer directory and the partner group directory.
  • The application has permission to update 2 directories.
  • The customer directory comes first in the directory sequence.
  • A jsmithusername exists in both the customer directory and the partner directory.
  • You update the jsmithuser .
  • Your update to this user is only valid for the information in the customer directory, the system will not update two directories at the same time.

Example 2:

  • You are connected to 2 directories: an LDAP directory with read and write permissions and an internal directory.
  • The LDAP directory comes first in the ordering of the directory.
  • All new users will be added to the LDAP directory, there is no way for new users to be added to the internal directory.

 

https://www.cwiki.us/display/CONFLUENCEWIKI/Managing+Multiple+Directories

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=324486214&siteId=291194637
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com