For a Confluence plugin:
I upgraded my atlassian-rest-common reference in pom.xml from 7.0.3 to 7.1.1 to avoid a security vulnerability from an old version of org.codehaus.jettison and then I discovered that com.atlassian.plugins.rest.common.security.AnonymousAllowed has been deprecated in atlassian-rest-common 7.1.1.
What is the replacement?
We recommend using the
AnonymousSiteAccess annotation when access to anonymous users should only be permitted when the site has enabled global anonymous access.
If you wish for that resource to be accessible to all users irrespective of any other factor (as
AnonymousAllowed did) please use the
AnonymousAllowed as its ambiguous name and resulting mis-usage was exposing customers to vulnerabilities.