How to create and add users to a group in Jenkins for authentication?

security ldap hudson openid jenkins
127,569

Solution 1

According to this posting by the lead Jenkins developer, Kohsuke Kawaguchi, in 2009, there is no group support for the built-in Jenkins user database. Group support is only usable when integrating Jenkins with LDAP or Active Directory. This appears to be the same in 2012.

However, as Vadim wrote in his answer, you don't need group support for the built-in Jenkins user database, thanks to the Role strategy plug-in.

Solution 2

You could use Role Strategy plugin for that purpose. It works like a charm, just setup some roles and assign them. Even on project-specific level.

Solution 3

I installed the Role plugin under Jenkins-3.5, but it does not show the "Manage Roles" option under "Manage Jenkins", and when one follows the security install page from the wiki, all users are locked out instantly. I had to manually shutdown Jenkins on the server, restore the correct configuration settings (/me is happy to do proper backups) and restart Jenkins.

I didn't have high hopes, as that plugin was last updated in 2011

Share:
127,569
samxiao
Author by

samxiao

Working in the Smartphone/Tablets industry as software engineer. Enjoy and interested in all types of new ideas in the technology field. Main focus are on: Java, Ruby, Rspec, Build, SCM, Git, source version control, JUnit, AspectJ, Android, BlackBerry.

Updated on April 28, 2020

Comments

  • samxiao
    samxiao almost 4 years

    I choose to use "Jenkins's own user database" security realm for user login as I couldn't use LDAP in my company. And Google's OpenID has issue when you decided to change the hostname or port number to something else.

    And I use "Project-based Matrix Authorization Strategy" schema for my security.

    But I don't seem to able to create my own group, and add users to the group to manage the permission.

  • Vadim Kotov
    Vadim Kotov about 11 years
    Jenkins 3.5? Latest version is 1.509 now.
  • Nikolay Ruban
    Nikolay Ruban over 9 years
    It's not recommended to switch authentication style until roles will be set properly. Otherwise you'll get your system locked, even in current session.
  • tbradt
    tbradt about 9 years
    @Nikolay Ruban - It can be tricky to accomplish that first sentence with Role-based Strategy authorization, since you can't get to the screen to create/assign roles until you set that authorization strategy on the Configure Global Security page. I believe if you first set up matrix based security and assign Overall Administer permissions to Anonymous (or the user with which you are currently logged in), that is ported to the initial role based role assignments. That is my recollection.
  • tbradt
    tbradt about 9 years
    Also, there is a way to disable security in Jenkins if you get yourself locked out - just google "jenkins disable security". I've had to do that myself. ;-)
  • dpinya
    dpinya over 6 years
    You must change the security strategy to "Role-based strategy" before the "Manage Roles" icon appears under "Manage Jenkins"

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

HUDSON: how to manually encode the LDAP managerPassword?
Jenkins/Hudson - LDAP group *lookup* does not work
How to manage groups and users in Jenkins
Allow anonymous user to only view job list without browsing workspace in Jenkins
Copy generated folder from one job to another in Hudson/Jenkins
How to configure Jenkins to send emails?
Jenkins: Running remote test scripts and reporting results
Jenkins can't access shell alias
How to add some prebuild steps to jenkins?
Unable to find valid certification path to requested target in glassfish web service application