Access control, which ensures users are authenticated when accessing Jenkins and their activities are authorized. Protecting Jenkins against external threats ...
Jenkins protects from cross-site request forgery (CSRF) by default. This chapter explains how to work around any problems this may cause. This is set up ...
Access Control. Access Control is the primary mechanism for securing a Jenkins environment against unauthorized usage. Two facets of configuration are ...
When using organization folders or multibranch Pipelines, Jenkins automatically builds new pull requests by default. Especially when a Jenkins instance builds ...
This setting is controlled mainly by two axes: Security Realm, which determines users and their passwords, as well as what groups the users belong to.
The Jenkins project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure.
Authentication (users prove who they are) is done using a security realm. The security realm determines user identity and group memberships.
Jenkins has a security mechanism in place so that the administrator of Jenkins can control who gets access to what part of Jenkins. The key components of this ...
Setting up distributed builds in Jenkins is a great start for protecting the Jenkins controller from malicious (or just broken) build scripts, but care needs ...
By default, builds run as the internal SYSTEM user that has full permissions to run on any node, create or delete jobs, start and cancel other builds, etc.
Unmatched resilience, scalability & performance with CloudBees CI's High Availability mode