[JIRA] (JENKINS-53364) github-oauth-plugin -Simpler 403 page

2 views
Skip to first unread message

arthur.clement@protonmail.com (JIRA)

unread,
Aug 31, 2018, 6:18:02 AM8/31/18
to jenkinsc...@googlegroups.com
Arthur Clément created an issue
 
Jenkins / Improvement JENKINS-53364
github-oauth-plugin -Simpler 403 page
Issue Type: Improvement Improvement
Assignee: Sam Gleske
Components: github-oauth-plugin
Created: 2018-08-31 10:17
Priority: Minor Minor
Reporter: Arthur Clément

When a GitHub user outside an authorized organization log in into Jenkins, his access is denied but he has still a view on the Jenkins web UI (with no rights).

A simple 403 page without any Jenkins menu display would enhance the feeling of a strong "access denied".

I make this request because this was a remark from an external security audit of our tools. The idea is to reduce the attack surface.

 

 
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

sam.mxracer@gmail.com (JIRA)

unread,
Aug 10, 2019, 10:34:02 AM8/10/19
to jenkinsc...@googlegroups.com
Sam Gleske closed an issue as Duplicate
Change By: Sam Gleske
Status: Open Closed
Resolution: Duplicate
Reply all
Reply to author
Forward
0 new messages