Where security isn’t enough for jenkins

Standard

recently I set up a Jenkins server with login removed, and I got complains from the higher ups that it is the wrong way of doing things, so I have to add it back.

unfortunately when I check the jenkins config.xml, useSecurity is changed to true yet the application still disable login. So what I did is that I download a separate localhost jenkins to do a file comparison, and low and behold, there are other changes needed to revert back the login.

Please ensure that your Jenkins config.xml has the following setup:

  <useSecurity>true</useSecurity>

  <authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">

    <denyAnonymousReadAccess>true</denyAnonymousReadAccess>

  </authorizationStrategy>

  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">

    <disableSignup>true</disableSignup>

    <enableCaptcha>false</enableCaptcha>

  </securityRealm>

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s