Details
-
Type:
Improvement
-
Status: Closed (View Workflow)
-
Priority:
Minor
-
Resolution: Duplicate
-
Component/s: github-oauth-plugin
-
Labels:None
-
Similar Issues:
Description
When a GitHub user outside an authorized organization log in into Jenkins, his access is denied but he has still a view on the Jenkins web UI (with no rights).
A simple 403 page without any Jenkins menu display would enhance the feeling of a strong "access denied".
I make this request because this was a remark from an external security audit of our tools. The idea is to reduce the attack surface.
Attachments
Issue Links
- duplicates
-
JENKINS-46962 Github Users Outside Organisation get an authenticated user in Jenkins.
-
- Open
-