Example #1 - Restrict to Administrators Only
This is a good starting point for new installations of Confluence. It restricts all macros and parameters to confluence-administrators. You can gradually open up capabilities on a macro-by-macro basis as needed.
Example #2 - No Restrictions
Use this property file temporarily when adding Macro Security to a Confluence site that is already using macros that implement Macro Security. This gives administrator time to implement page restrictions and do testing before full implementation.
Example #3 - Moderate Restrictions
Mostly restricts to confluence-administrators, but allows *ANY for many of the capabilities that a typical internal (employee-only) site would likely allow.
These macros are partially or fully restricted:
- Beanshell
- CLI
- Code Pro
- CSV*
- Excel*
- Flash
- Gant
- Groovy
- HTML
- JSON Table*
- Jython
- Markdown
- SQL
- SQL Query
- XSLT
These macros are not restricted:
- Cache
- Future
- Run
* = The only restrictions relate to the use of the disableAntiXss parameter.
If you are just starting out:
- Select one of the examples above that most closely matches your requirements.
- Download the example property file.
- Edit the property file to suit your needs. For instance, you can either remove entries for macros you do not currently use or leave them in there in case they get added in the future
- Save your edits.
- Go to a convenient location in Confluence and add the file as an attachment. Using an attachment is convenient as it is automatically versioned by Confluence for future reference and change control.
- From the Manage Add-ons admin page, expand the Macro Security for Confluence item and then click Configure.
- Load the attachment that you previously added.
Configuration page, after loading the property file that defines the security configuration.
