Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Jenkins security - hide all screens unless user is logged in

I don't know why "logged in users can do anything" means Jenkins will happily allow non-authenticated users to view project details and access artifacts... Regardless, I need to know how to get Jenkins to allow logged in users to to anything AND hide EVERYTHING for users who AREN'T logged in. Help please?

like image 354
cbmanica Avatar asked Jan 09 '13 00:01

cbmanica


People also ask

What is legacy mode in Jenkins?

Legacy mode. Behaves exactly the same as Jenkins <1.164. Namely, if a user has the "admin" role, they will be granted full control over the system, and otherwise (including anonymous users) will only have the read access. Do not use this setting for anything other than local test Jenkins controllers.

What are the options for security in Jenkins?

Core Jenkins supports four security realms: delegate to servlet container, Jenkins's own user database, LDAP, and Unix user/group database. The "Unix user/group database" option uses Unix's PAM database to authenticate Jenkins users.

Which security mechanisms Jenkins uses to authenticate users?

Jenkins can use a lightweight Directory Access Protocol (LDAP) server to authenticate users.


1 Answers

This can be done with the Role-Strategy plugin.

Install the plugin, add a new group called "Anonymous" and uncheck everything. Then you want to add another group called "authenticated" and check everything. Add your existing users to this group. Jenkins will immediately prompt you for a login this way.

like image 163
Kevin Brotcke Avatar answered Oct 04 '22 05:10

Kevin Brotcke