Jenkins is accessible for everyone with no permissions. Basically anyone can do anything. This should be used for internal use only.
User authentication (all admins)
All users are admins. The authentication method can use Jenkins’ own user database, LDAP, Unix user/group database, servelet container (e.g. Tomcat or Glassfish user DB) or other authentication plugins. This can be used when there is no need to restrict users from doing certain actions.
This is a global permission per role/group security strategy where each user where permissions are associated with groups to which users belong to. This is the most common authorization to use for multiple users.
Project based matrix
It is authorization strategy where user permissions can be configured per individual jobs. Once activated, permission matrix can be activated on each job page. Useful when specific jobs shouldn't be accessed by certain users.
相關頁面：確保Jenkins - 訪問控制的安全性。