Site announcement

We are switching off article comments on this website. Read about the upcoming changes to Atlassian Documentation.

You're visiting the Confluence Knowledge Base. Visit the Confluence Knowledge Base Home for an overview.

Skip to end of metadata
Go to start of metadata

Symptoms

The SharePoint Connector provides two SharePoint web parts:

  • Confluence Pages Tree View web part – Shows a hierarchy of page names linked to Confluence pages. Does not show images.
  • Confluence Page web part – Shows the content of a Confluence page, possibly including images.

Sometimes when using the Confluence Page web part in SharePoint, you may have a problem with images not displaying properly and showing up as broken links.

For more details on using these web parts, refer to the SharePoint Connector User's Guide.

Here is a page with broken image links:

Here is the same page, but with the image links working properly:

Problems with the Chart Macro

The {chart} macro generates an image within Confluence and shows that image to users in the wiki page. So this has the same potential for broken image links as described above.

One additional caveat is that the chart macro generates image links per user and those links are secured such that only that user can access them. This means that the following scenario will result in a broken image link for a chart within the Confluence Page web part:

  1. Log in to Confluence with your browser using one account (e.g., user1).
  2. Go to SharePoint in the same browser and log in with a different account (e.g., user2).
  3. Use the same browser within SharePoint to view a Confluence Page web part showing a wiki page that has a chart macro on it.

The HTML image link to a chart image provided to your browser through the Confluence Page web page will be for your SharePoint user (user2). However, your browser is authenticated to Confluence using a different user (user1), therefore access is denied to the image and the image is shown as a broken link.

Cause

When the Confluence Page web part requests the page content from Confluence, it uses web services to make the request. The Confluence web services return the page content in the form of HTML to the web part running on the SharePoint server. The web part in turn returns the HTML to the client's browser (to the user). This HTML contains simple text as well as links to images. Images are not embedded in the HTML. (Images can be embedded in a MIME email, but not instandard HTML for a browser.)

Any wiki pages with images will have HTML that contains something like this: <IMG SRC="url_to_image">. If the image is an attachment to a wiki page, the URL to the image will point to Confluence. The SharePoint server knows how to authenticate and connect to Confluence web services, but the user's browser may not. But it is the user's browser that is making a request for the image directly – the SharePoint server is not involved.

In summary, a broken image link shows when either the URL to the image source is no longer available or when access is denied for the user. The latter is the likely case for broken image links to images stored in Confluence, especially if your Confluence server does not allow anonymous access.

If you open a new browser instance and enter the URL to a Confluence image you may find that you are redirected to the Confluence login page. This can happen on the request of a page, but when the browser is simply requesting an image within a page and gets authorization denied, it will show the broken link instead.

You can test this scenario by doing the following:

  1. Open a new browser and navigate to a SharePoint page containing the Confluence Page web part that shows broken links for the images within Confluence.
  2. Go to Confluence in your browser. You should be taken to the login page.
  3. Log in to Confluence/
  4. Go back to the SharePoint page as in step 1 above. The page should now display the images properly.

Note that many browsers allow for multiple tabs and session state is maintained across all of those tabs. This is true with Firefox and IE7, for example. In these situations you could log into Confluence on one tab and go to SharePoint on another and the images will work properly provided that you refreshed your SharePoint page after logging into Confluence.

Resolution

Currently there are the following primary ways to prevent this issue:

  1. Use 'Remember Me'
    When you log in to Confluence, there is a checkbox below the username and password fields entitled 'Remember me'. Users can choose this option to remember their logins on a specific computer.
    (info) This is something that each user will need to do.
    If the user selects 'Remember me', the browser stores a cookie. Each time the user uses the same browser on that machine to access SharePoint, they will be able to request images from Confluence. This will work until the cookie times out, and the user has to log in to Confluence again.
  2. Adjust the Confluence Session Timeout
    This is more of a workaround. A Confluence administrator can increase the Confluence session timeout so that once the user is logged in to Confluence, they stay logged in for an extended period of time. This would reduce the likelihood of broken images, but not remove the possiblity. For this to work, the user must have logged in to Confluence recently before the SharePoint page containing the Confluence Page web part.
  3. Use a More Sophisticated Authentication Configuration
    In the SharePoint Connector configuration guide we discuss several options for authenticating to Confluence. Basically, two methods are relevant:
    1. NTLM (either through Tomcat + IIS or through JCIFS)
    2. Microsoft SSO
      If you are able to use NTLM with Confluence, most browsers will negotiate authorization for images as needed, assuming that the browser has been set up with the recommended browser settings.
      With Microsoft SSO, the SharePoint page returned to the client will pre-authenticate to Confluence in an attempt to prevent broken image links. There is script running on the page that will cause the browser to authenticate to Confluence before showing the contents of the Confluence Page web part. (Note that from time to time this does not work due to the asynchronous nature of the requests. A simple refresh of the page fixes the problem if broken images are shown.)
  4. Implement Custom Authentication for your Environment
    Some enterprises already use custom authentication with Confluence. They may have a third party single-sign on product such as SiteMinder and want to make sure that Confluence and SharePoint are integrated with it. In so doing, you can force requests to go through your own network device (such as ISA Server) which would redirect the request such that any request to SharePoint would ensure that there is a Confluence session established.