Working together with a customer, we developed a document management solution that can give over 15,000 employees secure access to information on internal documents. For the document management solution, we primarily chose Confluence and Insight for Jira, which are accessible only from the customer’s intranet.
The Challenge: Content Delivery, Filters & Access
A solution was needed to replace a state that was error-prone and costly. Previously, the data was maintained and versioned locally by individuals within the company, and then sent as an independent data source to internationally distributed contacts via e-mail, who in turn passed it on to others or communicated the information contained verbally. The file had an expiry date as protection, but this ultimately contributed to the increased administrative burden.
Delivering content with Insight
The information on the documents was previously maintained in the Microsoft Access database software. As mentioned above, this single file was made available in different versions over time. It is therefore a historically grown file, which has been extended again and again with details in the past. Thus, a data foundation was created which, for example, represented the same values in different columns.
To relieve this situation, the data was transferred from Access to Insight. For this purpose, an intermediate export of the data in csv format could be made, which can be mapped directly into Insight. A data streamlining was also carried out in order to make the management of the information easier and to enable a structured accessibility. The requirement here was that a third party could later maintain the information on the documents without having to build up a lot of know-how.
With Insight, the stored information can be made available in a prepared form and its context becomes clearer than, for example, maintaining this information in Excel or Access. Since Insight is primarily an app for Jira, the data for a view in Confluence does not have to be prepared separately, but can be accessed via a macro.
Dynamic IQL generation using filters
As an additional app, Mindville and Atlassian provide the Insight Macro for Confluence. With this macro, an IQL statement can be called and the result can be displayed in table form on a Confluence page.
For our application purposes, the macro is again called via a Confluence user macro developed by Honicon specifically for this solution. This allows for further customization of the macro and a dynamic call of the macro among other enhancements.
The dynamic call of the macro is necessary to let the end users apply a filter to the information stored in Insight without having any experience with IQL or similar. For this purpose, an HTML form is initially stored in the user macro, in which all important parameters as well as a text search are available. After submitting the form as a filter, a Velocity script is then executed that combines IQL from the various parameters and runs it against Insight.
By calling via Velocity, the content from Insight is secured. For example, no changes can be made to the IQL afterwards. Thus, undesired access is avoided as the contents are available on the intranet but anonymously.
Access for many with few licenses
Access to Confluence is not intended for every employee at the client. So for various reasons, such as license costs, access via Confluence should be for anonymous users. This is in contrast to the fact that Insight needs a license not only for Confluence but especially for Jira to allow or restrict access to the desired data source.
The client’s access to Confluence is organized similar to an intranet. Although Confluence is generally accessible via the Internet, it can only be accessed if you have previously logged in to the intermediary OAuth service. In the context of the client, anonymous access means access by employees. Honicon has taken advantage of this existing logic for this solution.
Typically, we have an automatic login with the OAuth token using the K-SSO SAML Kerberos OAuth for Confluence app from Kantega SSO, which we recommend, and this customer is also using it. This allows us to disable this login also space by Conluence space.
For our solution, we have provided a function in the user macro that recognizes whether an employee is logged in or not. If an employee opens one of the pages in the Confluence space, the employee is anonymous to the system at first, i.e. without a Confluence license. The user macro then automatically logs him in with a predefined user account. This account has the necessary rights in Confluence and Jira to display the content from Insight.
Conclusion of the Document Management solution
Through the combination of different tools (e.g. Confluence & Insight) and methods (e.g. user macros & Velocity) we have developed a solution together with the customer, which allows to solve a complex problem under the premise of saving license costs and using only existing tools. Outdated tools, which regularly caused errors and were no longer up-to-date, were replaced by modern web technologies, which are easier to maintain and fit better into the customer’s existing process and tool landscape.
The Addon Insight Asset Management will be available free of charge for the latest versions of Jira Data Center from early February 2021 and is included as standard. So similar solutions are also imaginable for you.
Do you have questions about the solution presented here or are you facing a similar challenge? Please feel free to contact us.