Table of Contents |
---|
maxLevel | 3 |
---|
minLevel | 3 |
---|
type | flat |
---|
separator | pipe |
---|
|
Description
When using the SQL plugin on sites with untrusted users, you may need to employ security measures to control use. This describes some of the techniques for doing this. In some cases you may want to employ multiple techniques together depending on factors like database being accessed. For instance, macro security can be applied no matter what other technique you want to use.
Technique | Description | Benefits |
---|
Macro Security for Confluence | Content using SQL macros can only be created or updated by trusted users while still allowing other users the ability to view the content. This is implemented by the Confluence administrator installing CMSP using UPM and configuring access. | - Enables trusted users to provide important content.
- Controlled at the user, group, and database level.
|
Database permissions | Database permissions for the user configured for the SQL data source can be restricted. For instance, view only authority. This is recommended when only subset of access is needed, especially for browse only. | - Controls what database operations are allowed.
- Ease concerns for database or security administrator.
|
Allow only SQL-query Macro | Some databases (like PostgreSQL) enforce a JDBC remote access mode for read-only. The sql-query macro uses this support. This can be implemented by having the Confluence administrator disable the other sql macros in the UPM. | - Restrict access to query only.
|
Allow only SQL-file Macro | The sql-file macro only runs Confluence administrator controlled SQL. This can be implemented by having the Confluence administrator disable the other sql macros in the UPM. See How to securely run SQL queries without page edit restrictions. | - Only pre-defined SQL can be run
|
Role based security | Use database role security to control what data is available. | - Data shown based on user id and role
|
...
title | Confluence database access |
---|
...
Include Page |
---|
| SUPPORT:How to use SQL macros securely |
---|
| SUPPORT:How to use SQL macros securely |
---|
|