Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-53364

github-oauth-plugin -Simpler 403 page

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      When a GitHub user outside an authorized organization log in into Jenkins, his access is denied but he has still a view on the Jenkins web UI (with no rights).

      A simple 403 page without any Jenkins menu display would enhance the feeling of a strong "access denied".

      I make this request because this was a remark from an external security audit of our tools. The idea is to reduce the attack surface.

       

       

        Attachments

          Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-46962 Github Users Outside Organisation get an authenticated user in Jenkins.

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

            Activity

            There are no comments yet on this issue.

              People

              Assignee:
              sag47 Sam Gleske
              Reporter:
              arthurc Arthur Clément
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: