Confluence V1 Connector Configuration Reference
Retrieve data from the Atlassian Confluence Wiki CMS. You can configure this datasource to crawl pages, spaces, blog posts, comments, and attachments.
The Fusion Confluence connector supports Confluence Server versions 5.5 and later and Confluence Cloud.
Confluence Connector’s security trimming
Why do some field names have different numbers?
After crawling some test Confluence content, the Solr index has ACL fields such as
acl_groups_0_ss, but the field names can have different numbers. For example, some documents have
This is due to the strange way that Confluence handles user and group viewing permissions. Each of these fields represents an ancestor of the item’s security. If a user does not match EACH level of permissions, the user cannot see the document and the doc will be filtered out.
You will see three fields that are used during security trimming:
ancestorCount_istores the number of ancestors this item has
acl_users_i_sstores the users allowed to see this item at ancestor number
acl_groups_i_sstores the groups allowed to see this item at ancestor number
Users/groups that want to see a document in Confluence are processed ancestor-by-ancestor linearly.
During security trimming, you will give the filter a
queryUser and we return the Confluence documents this user can access.
The Confluence security trimming algorithm does the following:
Calculate the maximum
ancestorCount_iof all documents in the index (
Query Confluence for the Confluence Security Groups that
queryUseris part of.
for i from [0 to max(ancestorCount_i)], append an AND clause for the security filter to match against each ancestor level for the
(acl_users_i_s:_lw_confluence_anonymous_ OR acl_users_i_s:queryUser OR acl_group_i_s:group1 OR acl_group_i_s:group2 ... )
queryUser = ndipiazza groupsUserIsIn = EngGroup, NorthAmericaGroup max(ancestorCount_i) = 3
Then the filter would be:
(acl_users_0_s:lw_confluence_anonymous OR acl_users_0_s:ndipiazza OR acl_group_0_s:EngGroup OR acl_group_0_s:NorthAmericaGroup) AND(acl_users_1_s:lw_confluence_anonymous OR acl_users_1_s:ndipiazza OR acl_group_1_s:EngGroup OR acl_group_1_s:NorthAmericaGroup) AND(acl_users_2_s:lw_confluence_anonymous OR acl_users_2_s:ndipiazza OR acl_group_2_s:EngGroup OR acl_group_2_s:NorthAmericaGroup)
As you see, because these are AND’d together, if the user does not match EACH level of permissions, the user cannot see the document and the doc will be filtered out.
When entering configuration values in the UI, use unescaped characters, such as