• Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major Major
    • core
    • None
    • Platform: All, OS: All

      Currently Hudson is configured to recognize JavaServlet view of authenticated
      users. In the setup module a user can request hudson to enable security or
      eschew it.

      I would like to see 2 options for enable security:

      Option #1: Require a user to have an admin role in order to launch a build or
      configure anything. This option is supproted today.

      Option #2: Forbid un authenticated users from seeing any information about the
      hudson configuration and/or projects. Currently I can have this effect by
      modifying build.xml to set the protected URL to / but I get the undesirable side
      effect of requiring authentication to even see the graphics on the login page.

      This feature is important to users who have internet accessible Hudson sites.

          [JENKINS-326] Implement fine-grained access control

          pmendelson created issue -
          Kohsuke Kawaguchi made changes -
          Link New: This issue is duplicated by JENKINS-565 [ JENKINS-565 ]
          Kohsuke Kawaguchi made changes -
          Link New: This issue is duplicated by JENKINS-1033 [ JENKINS-1033 ]
          Kohsuke Kawaguchi made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          Andrew Bayer made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]
          Jenkins IRC Bot made changes -
          Component/s New: core [ 15593 ]
          Component/s Original: www [ 15484 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 130399 ] New: JNJira + In-Review [ 199779 ]

            Unassigned Unassigned
            pmendelson pmendelson
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: