Restrict local php files to users logged into confluence

Hello everyone,

I have confluence installed in our local network. On the same machine is an apache server so I can use html-include, which works great.

My problem is that anyone in the network can access the pages that I include if they know the url.

Is there anyway to restrict my php files to users that are logged into confluence.

Or maybe have a restriction in apache so only access from confluence is allowed?

Making this depended on confluence group membership would be ideal of course but is not a must.

Thank you

1 answer

0 votes

I think this dependency will need to be resolved at either the PHP or apache level.

You could possibly write into your script an API call to the /rest/group endpoint https://docs.atlassian.com/ConfluenceServer/rest/6.12.1/#group-getMembers

to get the list of group members from Confluence. But I'm not sure how your PHP file would retreive the current user's ID.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.