When a GitHub user outside an authorized organization log in into Jenkins, his access is denied but he has still a view on the Jenkins web UI (with no rights).

A simple 403 page without any Jenkins menu display would enhance the feeling of a strong "access denied".

I make this request because this was a remark from an external security audit of our tools. The idea is to reduce the attack surface.