• Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major Major
    • core
    • None
    • Platform: All, OS: All

      Currently Hudson is configured to recognize JavaServlet view of authenticated
      users. In the setup module a user can request hudson to enable security or
      eschew it.

      I would like to see 2 options for enable security:

      Option #1: Require a user to have an admin role in order to launch a build or
      configure anything. This option is supproted today.

      Option #2: Forbid un authenticated users from seeing any information about the
      hudson configuration and/or projects. Currently I can have this effect by
      modifying build.xml to set the protected URL to / but I get the undesirable side
      effect of requiring authentication to even see the graphics on the login page.

      This feature is important to users who have internet accessible Hudson sites.

          [JENKINS-326] Implement fine-grained access control

            Unassigned Unassigned
            pmendelson pmendelson
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: