I was asked to look into possible ways of adressing some security concerns and I was wondering if anyone here can help with pointing good sources to read about it.
Here are the issues: 1. account lockout - is it possible to lock the account after a certain number of unsuccessful login attempts (Active Directory in use)? 2. session identifier - is it possible to change session identifier values after login (to prevent a risk of the user being impersonated)? Thank in advance for your help! -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/cf4cc104-f892-422e-acff-a792d66c2ec5n%40googlegroups.com.
