Package hudson.security

Security-related code.

See:
Description

Interface Summary

AccessControlled	Object that has an ACL
InvalidatableUserDetails	Deprecated. Starting 1.285, Hudson stops persisting Authentication altogether (see NonSerializableSecurityContext), so there's no need to use this mechanism.

Class Summary

AbstractPasswordBasedSecurityRealm	Partial implementation of SecurityRealm for username/password based authentication.
AccessDeniedHandlerImpl	Handles AccessDeniedException happened during request processing.
ACL	Gate-keeper that controls access to Hudson's model objects.
AuthenticationManagerProxy	AuthenticationManager proxy that delegates to another instance.
AuthenticationProcessingFilter2	AuthenticationProcessingFilter with a change for Jenkins so that we can pick up the hidden "from" form field defined in login.jelly to send the user back to where he came from, after a successful authentication.
AuthorizationMatrixProperty	JobProperty to associate ACL for each project.
AuthorizationMatrixProperty.ConverterImpl	Persist ProjectMatrixAuthorizationStrategy as a list of IDs that represent GlobalMatrixAuthorizationStrategy.grantedPermissions.
AuthorizationMatrixProperty.DescriptorImpl
AuthorizationStrategy	Controls authorization throughout Hudson.
AuthorizationStrategy.Unsecured
AuthorizationStrategy.Unsecured.DescriptorImpl
BasicAuthenticationFilter	Implements the dual authentcation mechanism.
ChainedServletFilter	Servlet Filter that chains multiple Filters.
CliAuthenticator	Handles authentication for CLI commands.
ContainerAuthentication	Authentication implementation for Principal given through HttpServletRequest.
DeferredCreationLdapAuthoritiesPopulator	Deprecated. as of 1.280 SecurityRealm.SecurityComponents are now created after SecurityRealm is created, so the initialization order issue that this code was trying to address no longer exists.
FederatedLoginService	Abstraction for a login mechanism through external authenticator/identity provider (instead of username/password.)
FederatedLoginServiceUserProperty	Remembers identifiers given by FederatedLoginService to this user.
FullControlOnceLoggedInAuthorizationStrategy	AuthorizationStrategy that grants full-control to authenticated user (other than anonymous users.)
GlobalMatrixAuthorizationStrategy	Role-based authorization via a matrix.
GlobalMatrixAuthorizationStrategy.ConverterImpl	Persist GlobalMatrixAuthorizationStrategy as a list of IDs that represent GlobalMatrixAuthorizationStrategy.grantedPermissions.
GlobalMatrixAuthorizationStrategy.DescriptorImpl
GlobalSecurityConfiguration	Security configuration.
GroupDetails	Represents the details of a group.
HttpSessionContextIntegrationFilter2	Erases the SecurityContext persisted in HttpSession if InvalidatableUserDetails.isInvalid() returns true.
HudsonAuthenticationEntryPoint	For anonymous requests to pages that require authentication, first respond with HttpServletResponse.SC_FORBIDDEN, then redirect browsers automatically to the login page.
HudsonFilter	Filter that Jenkins uses to implement security support.
HudsonPrivateSecurityRealm	SecurityRealm that performs authentication by looking up User.
HudsonPrivateSecurityRealm.DescriptorImpl
HudsonPrivateSecurityRealm.Details	UserProperty that provides the UserDetails view of the User object.
HudsonPrivateSecurityRealm.Details.ConverterImpl
HudsonPrivateSecurityRealm.Details.DescriptorImpl
HudsonPrivateSecurityRealm.ManageUserLinks	Displays "manage users" link in the system config if HudsonPrivateSecurityRealm is in effect.
HudsonPrivateSecurityRealm.SignupInfo
LegacyAuthorizationStrategy	AuthorizationStrategy implementation that emulates the legacy behavior.
LegacyAuthorizationStrategy.DescriptorImpl
LegacySecurityRealm	SecurityRealm that accepts ContainerAuthentication object without any check (that is, by assuming that the such token is already authenticated by the container.)
Messages
NoopFilter	Filter that does nothing.
NotSerilizableSecurityContext	Deprecated. use NonSerializableSecurityContext instead
Permission	Permission, which represents activity that requires a security privilege.
PermissionGroup	Group of Permissions that share the same owner.
PermissionScope	Represents the model class Permission acts on and scoped to.
ProjectMatrixAuthorizationStrategy	GlobalMatrixAuthorizationStrategy plus per-project ACL.
ProjectMatrixAuthorizationStrategy.ConverterImpl
RememberMeServicesProxy	RememberMeServices proxy.
SecurityRealm	Pluggable security realm that connects external user database to Hudson.
SecurityRealm.SecurityComponents	Just a tuple so that we can create various inter-related security related objects and return them all at once.
SidACL	ACL that checks permissions based on GrantedAuthority of the Authentication.
SparseACL	Access control list.
SparseACL.Entry
TokenBasedRememberMeServices2	TokenBasedRememberMeServices with modification so as not to rely on the user password being available.
UnwrapSecurityExceptionFilter	If AcegiSecurityException caused JellyTagException, rethrow it accordingly so that ExceptionTranslationFilter can pick it up and initiate the redirection.
UserDetailsServiceProxy	UserDetailsService proxy that delegates to another instance.
WhoAmI	Expose the data needed for /whoAmI, so it can be exposed by Api.

Enum Summary

SecurityMode

What security enforcement does Hudson do?

Exception Summary

AccessDeniedException2	AccessDeniedException with more information.
FederatedLoginService.UnclaimedIdentityException	Used in FederatedLoginService.FederatedIdentity.signin() to indicate that the identifier is not currently associated with anyone.
UserMayOrMayNotExistException	Thrown from UserDetailsService.loadUserByUsername(String) to indicate that the underlying SecurityRealm is incapable of retrieving the information, and furthermore, the system cannot tell if such an user exists or not.

Package hudson.security Description

Security-related code. See: Making your plugin behave in secured Jenkins