...
| Tip | ||
|---|---|---|
| ||
If Confluence database access is defined via an application server based data source, Confluence data can be accessed by the SQL macros using that data source unless other security techniques prevent access. This can be powerful in many circumstances but should be access controlled just like other databases. Direct access to a database circumvents application level security, so should always be considered. Even if you want to provide some level of access to the Confluence database, it is strongly recommended to create a separate data source for this access. Either duplicate the application server data source definition that Confluence uses and provide a different name (preferred) or create a profile defined data source. To prevent access to the Confluence defined data source, either use CMSP to disallow access or define a profile defined data source with the same name as the application data source and override the values or re-direct to some other data source. |