I have been playing around with the new jira, confluence, sso, stuff without understanding much of how it works and what it is good for. I managed to get a sso login with a password, and to log in into confluence, and found a link not working there.
Then I found that there is a "user page" in confluence which displays an e-mail address of mine, which I thought I had entered only in order to retieve a forgotten password, if need be. It does show the e-mail address, even while I am logged out. That means, the e-mail address is being published to the world.
I have this e-mail address now redirected to /dev/null/ (I am happy enough that, I had been using a special new address solely for this playing around) I shall NOT be using any of these programs, unless there is a way to keep e-mail addresses confidential, safe, and out of the reach of SPAMbots.
I am not mentioning URLs here on purpose, since this text will be published in the e-mail archive, and I do not want to establish links that could invite e-mail address collector bots.
Greetings - Purodha
Purodha:
Then I found that there is a "user page" in confluence which displays an e-mail address of mine, which I thought I had entered only in order to retieve a forgotten password, if need be. It does show the e-mail address, even while I am logged out. That means, the e-mail address is being published to the world.
i disabled public display of email addresses in jira and confluence.
- river.
toolserver-l@lists.wikimedia.org