Access control, which ensures users are authenticated when accessing Jenkins and their activities are authorized. Protecting Jenkins against external threats ...
Jenkins protects from cross-site request forgery (CSRF) by default. This chapter explains how to work around any problems this may cause. This is set up ...
Access Control. Access Control is the primary mechanism for securing a Jenkins environment against unauthorized usage. Two facets of configuration are ...
When using organization folders or multibranch Pipelines, Jenkins automatically builds new pull requests by default. Especially when a Jenkins instance builds ...
The Jenkins project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure.
Jenkins has a security mechanism in place so that the administrator of Jenkins can control who gets access to what part of Jenkins. The key components of this ...
Authentication (users prove who they are) is done using a security realm. The security realm determines user identity and group memberships.
To ensure the stability of the Jenkins controller, builds should be executed on other nodes than the built-in node. This concept is called distributed ...
You should lock down the access to Jenkins UI so that users are authenticated and appropriate set of permissions are given to them. This setting is controlled ...
By default, builds run as the internal SYSTEM user that has full permissions to run on any node, create or delete jobs, start and cancel other builds, etc.