Product DocsMenu

Creating a Security Provider for the Atlassian Confluence Legacy Connector

For an on-premises Confluence, when you choose to index document permissions associated with Confluence items, the Coveo connector needs a security provider. When document permissions are indexed, in Coveo search results, a user searching for Confluence content only sees the content to which he has access in Confluence.

Note: You can get familiar with how Coveo components deal with permissions on documents both at indexing and query time (see Security) .

To configure a Confluence security provider

  1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

  2. Select Configuration > Security.

  3. In the navigation panel on the left, click Security Providers.

  4. In the Security Providers page, click Add to create a new security provider.

  5. In the Modify Security Provider page:

    1. Configure the following required parameters:


      Choose a significant name to identify the security provider.

      Example: Confluence Security Provider

      Security Provider Type

      Select Confluence (x64).

      User Identity

      Select the Confluence user identity that you created previously (see Adding a User Identity).

      Security Provider

      Select Active Directory or a custom Active Directory security provider that you created for a specific domain to allow this Confluence security provider to map Confluence permissions to AD users (see Configuring an Active Directory Security Provider).

      CES 7.0.7183+ (November 2014) You can select an email security provider to allow this Confluence security provider to map Confluence permissions to emails. This is useful when your users are authenticated in the search interface with the same email address specified for their Confluence user, thus allowing them to also see secured documents to which they have read permissions (see Configuring an Email Security Provider) .

      Note: Connecting to an email security provider requires the plugin version 1.0.1+ (see Installing the Coveo Plugin for Atlassian Confluence).

      Web Service URL

      The address of the Confluence server. This should be the same address as the one that you will specify when you configure the source for the connector (see Configuring and Indexing an Atlassian Confluence Source With the Legacy Connector). Enter the URL in the following format:


      Example: http://MyConfluenceServer:8090

      Enhanced Web Service URL

      For Confluence version 3.5.0 to 5.8.5 installations, you must enter the URL pointing to the Coveo web service provided by the Coveo plugin on the Confluence server in the following format:


      Example: http://MyConfluenceServer:8090/rpc/soap-axis/coveo-enhanced-service

      Authenticate Connection

      Select this check box when you selected your Confluence user identity in User Identity to use it to authenticate the connection when connecting to the Confluence web services. The check box is cleared by default.

    2. For a Confluence 2.5.3 to 3.4.x installation, include the following required parameters:

      DB Connection String

      A valid database connection string to allow the connector to retrieve the security information from the Confluence database.

      Example: server=MyServer;database=MyDatabase;

      Database Driver Type

      Driver type to use to connect to the Confluence database. Possible values are: SqlClient, OleDb, or Odbc.

      LDAP Configuration File

      For LDAP integrations only, path of the Confluence LDAP configuration file (atlassian-user.xml) from which the connector automatically extracts the LDAP connection settings.

      Example: \\server\c$\confluence\WEB-INF\classes\atlassian-user.xml

      Note: When your Confluence server has an LDAP integration, the Confluence connector must also connect to the LDAP servers to extract the information of the LDAP members and to retrieve the members of LDAP groups (see the Atlassian document Connecting to an LDAP Directory).

      User Management Framework

      Default Confluence user management framework to use (see the Atlassian document Understanding User Management in Confluence). Possible values are: Default, AtlassianUser, or OSUser. This parameter is optional.

    3. Consider revising the default value of the following parameters:

      Time to Live

      Number of milliseconds before refreshing the cache of members. The default value is 300000 ms (5 minutes).

      Web Service Connection Timeout

      Maximum number of milliseconds a Web service call should wait. The default value is 300000 ms (5 minutes).

      Allow Complex Identities

      Leave this option cleared as it does not apply to this type of security provider.

    4. Click Apply Changes.

What's Next?

Configure and index a Confluence source (see Configuring and Indexing an Atlassian Confluence Source With the Legacy Connector).

People who viewed this topic also viewed