Package jenkins.security

Interface Summary

Interface	Description
CustomClassFilter	Allows extensions to adjust the behavior of ClassFilter.DEFAULT.
HudsonPrivateSecurityRealmTagLib
SecureRequester	An extension point for authorizing REST API access to an object where an unsafe result type would be produced.

Class Summary

Class	Description
ApiCrumbExclusion	JENKINS-22474: Makes API Token calls bypass CSRF protection to ease usage
ApiTokenFilter	Deprecated as of 1.576 Use BasicHeaderProcessor
ApiTokenProperty	Remembers the API token for this user, that can be used like a password to login.
ApiTokenProperty.DescriptorImpl
ApiTokenProperty.TokenInfoAndStats
BasicApiTokenHelper
BasicHeaderApiTokenAuthenticator	Checks if the password given in the BASIC header matches the user's API token.
BasicHeaderAuthenticator	When Jenkins receives HTTP basic authentication, this hook will validate the username/password pair.
BasicHeaderProcessor	Takes "username:password" given in the Authorization HTTP header and authenticates the request.
BasicHeaderRealPasswordAuthenticator	Checks if the password given in the BASIC header matches the user's actual password, as opposed to other pseudo-passwords like API tokens.
ChannelConfigurator	Intercepts the new creation of Channel and tweak its configuration.
ClassFilterImpl	Customized version of ClassFilter.DEFAULT.
ConfidentialKey	Confidential information that gets stored as a singleton in Jenkins, mostly some random token value.
ConfidentialStore	The actual storage for the data held by ConfidentialKeys, and the holder of the master secret.
CryptoConfidentialKey	ConfidentialKey that stores a SecretKey for shared-secret cryptography (AES).
CustomClassFilter.Contributed	Standard filter which can load whitelists and blacklists from plugins.
CustomClassFilter.Static	Standard filter which pays attention to a system property.
DefaultConfidentialStore	Default portable implementation of ConfidentialStore that uses a directory inside $JENKINS_HOME.
ExceptionTranslationFilter	Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.
FrameOptionsPageDecorator	Adds the 'X-Frame-Options' header to all web pages.
HexStringConfidentialKey	ConfidentialKey that is the random hexadecimal string of length N.
HMACConfidentialKey	ConfidentialKey that's used for creating a token by hashing some information with secret (such as hash(msg|secret)).
ImpersonatingExecutorService	Uses ACL.impersonate(Authentication) for all tasks.
ImpersonatingScheduledExecutorService	Variant of ImpersonatingExecutorService for scheduled services.
ImpersonatingUserDetailsService	UserDetailsService for those SecurityRealm that doesn't allow query of other users.
LastGrantedAuthoritiesProperty	Remembers the set of GrantedAuthoritys that was obtained the last time the user has logged in.
LastGrantedAuthoritiesProperty.DescriptorImpl
LastGrantedAuthoritiesProperty.SecurityListenerImpl	Listen to the login success/failure event to persist GrantedAuthoritys properly.
MasterToSlaveCallable<V,T extends Throwable>	Convenient Callable meant to be run on agent.
Messages	Generated localization support class.
NonSerializableSecurityContext	The same as SecurityContextImpl but doesn't serialize Authentication.
NotReallyRoleSensitiveCallable<V,T extends Throwable>	Callable adapter for situations where Callable is not used for remoting but just as a convenient function that has parameterized return value and exception type.
QueueItemAuthenticator	Extension point to run Queue.Executables under a specific identity for better access control.
QueueItemAuthenticatorConfiguration	Show the QueueItemAuthenticator configurations on the system config page.
QueueItemAuthenticatorConfiguration.ProviderImpl
QueueItemAuthenticatorDescriptor	Descriptor for QueueItemAuthenticator.
QueueItemAuthenticatorMonitor	Display an administrative monitor if we expect QueueItemAuthenticator to be a useful security measure, but either it's not present, or potentially badly configured.
QueueItemAuthenticatorMonitor.QueueListenerImpl
QueueItemAuthenticatorProvider	There are cases where a plugin need to provide a QueueItemAuthenticator that cannot be controlled or configured by the user.
RedactSecretJsonInErrorMessageSanitizer
RekeySecretAdminMonitor	Warns the administrator to run SecretRewriter
ResourceDomainConfiguration	Configure the resource root URL, an alternative root URL to serve resources from to not need Content-Security-Policy headers, which mess with desired complex output.
ResourceDomainFilter	Prohibit requests to Jenkins coming through a resource domain URL configured with ResourceDomainConfiguration, except anything going to ResourceDomainRootAction.
ResourceDomainRecommendation	Recommend use of ResourceDomainConfiguration to users with the system property hudson.model.DirectoryBrowserSupport.CSP set to override DirectoryBrowserSupport.DEFAULT_CSP_VALUE.
ResourceDomainRootAction	Root action serving DirectoryBrowserSupport instances on random URLs to support resource URLs (second domain).
ResourceDomainRootAction.Token
Roles	Predefined Roles in Jenkins.
RSAConfidentialKey	RSA public/private key pair as ConfidentialKey.
RSADigitalSignatureConfidentialKey	RSA digital signature as ConfidentialKey to prevent accidental leak of private key.
SecureRequester.Default
SecurityContextExecutorService	Creates a delegating ExecutorService implementation whose submit and related methods capture the current SecurityContext and then wrap any runnable/callable objects in another runnable/callable that sets the context before execution and resets it afterwards.
SecurityListener	Listener notified of various significant events related to security.
SlaveToMasterCallable<V,T extends Throwable>	Convenient Callable that are meant to run on the master (sent by agent/CLI/etc).
SuspiciousRequestFilter
UpdateSiteWarningsConfiguration	Configuration for update site-provided warnings.
UpdateSiteWarningsMonitor	Administrative monitor showing plugin/core warnings published by the configured update site to the user.
UserDetailsCache	Cache layer for UserDetails lookup.