How to create and add users to a group in Jenkins for authentication?
Solution 1
According to this posting by the lead Jenkins developer, Kohsuke Kawaguchi, in 2009, there is no group support for the built-in Jenkins user database. Group support is only usable when integrating Jenkins with LDAP or Active Directory. This appears to be the same in 2012.
However, as Vadim wrote in his answer, you don't need group support for the built-in Jenkins user database, thanks to the Role strategy plug-in.
Solution 2
You could use Role Strategy plugin for that purpose. It works like a charm, just setup some roles and assign them. Even on project-specific level.
Solution 3
I installed the Role plugin under Jenkins-3.5, but it does not show the "Manage Roles" option under "Manage Jenkins", and when one follows the security install page from the wiki, all users are locked out instantly. I had to manually shutdown Jenkins on the server, restore the correct configuration settings (/me is happy to do proper backups) and restart Jenkins.
I didn't have high hopes, as that plugin was last updated in 2011
samxiao
Working in the Smartphone/Tablets industry as software engineer. Enjoy and interested in all types of new ideas in the technology field. Main focus are on: Java, Ruby, Rspec, Build, SCM, Git, source version control, JUnit, AspectJ, Android, BlackBerry.
Updated on April 28, 2020Comments
-
samxiao almost 4 years
I choose to use "Jenkins's own user database" security realm for user login as I couldn't use LDAP in my company. And Google's OpenID has issue when you decided to change the hostname or port number to something else.
And I use "Project-based Matrix Authorization Strategy" schema for my security.
But I don't seem to able to create my own group, and add users to the group to manage the permission.
-
Vadim Kotov about 11 yearsJenkins 3.5? Latest version is 1.509 now.
-
Nikolay Ruban over 9 yearsIt's not recommended to switch authentication style until roles will be set properly. Otherwise you'll get your system locked, even in current session.
-
tbradt about 9 years@Nikolay Ruban - It can be tricky to accomplish that first sentence with Role-based Strategy authorization, since you can't get to the screen to create/assign roles until you set that authorization strategy on the Configure Global Security page. I believe if you first set up matrix based security and assign Overall Administer permissions to Anonymous (or the user with which you are currently logged in), that is ported to the initial role based role assignments. That is my recollection.
-
tbradt about 9 yearsAlso, there is a way to disable security in Jenkins if you get yourself locked out - just google "jenkins disable security". I've had to do that myself. ;-)
-
dpinya over 6 yearsYou must change the security strategy to "Role-based strategy" before the "Manage Roles" icon appears under "Manage Jenkins"