I was asked to look into possible ways of adressing some security concerns and I was wondering if anyone here can help with pointing good sources to read about it.
Here are the issues: 1. account lockout - is it possible to lock the account after a certain number of unsuccessful login attempts (Active Directory in use)? 2. session identifier - is it possible to change session identifier values after login (to prevent a risk of the user being impersonated)? Thank in advance for your help! -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/cf4cc104-f892-422e-acff-a792d66c2ec5n%40googlegroups.com.
