How can I ensure that my jenkins build server is accessed only by authorized users?

0 votes
what's the procedure to protect my Jenkins build server from random access by anybody?
Aug 6 in Jenkins by Karan
• 2,080 points
32 views

1 answer to this question.

0 votes

Anyone can make use of the URL for accessing the Jenkins and perform the tasks of all kinds available in Jenkins. Hence, this needs to be secured. As a best practice, it is recommended to always secure Jenkins and then configure the global security.

Below are the steps to be followed in order to secure Jenkins:

  1. Deploy the Jenkins.war and start the server.

  2. Open the Jenkins home page and click on Manage Jenkins.

  3. In the Manage Jenkins page, click on Setup Security button.

  4. In the next page, select the enable security check box.

  5. Here, the very first thing to be done is to set the security realm. The easiest way to do this is to have Jenkins with our own database. To achieve this, select the option Jenkins own user database. Also, ensure that Allow users to sign up checkbox is also checked. Save the configuration.

  6. Now a link Sign up will be available. Click on the same and fill the form to sign up. Once successful, log in with the account created.



    You can see the details in the Navbar, once you are logged in.

  7. Now click on the Manage Jenkins & select Configure Global Security. Under the security realm section, uncheck the option Allow users to sign up. This will ensure that no new users can be created with your permission.

  8. Now, we need to configure the authentication for the accounts. The 2 best options preferred are Matrix-based security & Project-base project authorization strategy. This enables you to set per user for the actions which they can perform. Here, I have considered Matrix-based security


     

  9. Save the form. Logout and login again.

  10. A login page will be displayed and login with the created account.

answered Aug 6 by Sirajul
• 26,100 points

Related Questions In Jenkins

0 votes
1 answer

How do I pass value from my Fake # script to the host build server (Jenkins)

You can use the EnvInject plugin to pass environment ...READ MORE

answered Jul 11, 2018 in Jenkins by Kalgi
• 2,620 points
92 views
0 votes
1 answer

How Can I measure Jenkins Build Performance?

If you go to the Jenkins page ...READ MORE

answered Jul 16, 2018 in Jenkins by Kalgi
• 2,620 points
65 views
0 votes
1 answer

Jenkins and Docker: How can I customize my jenkins pipeline to use docker?

Jenkins Pipeline is designed to easily use ...READ MORE

answered Aug 26 in Jenkins by Sirajul
• 26,100 points
287 views
0 votes
1 answer

How can I create global macros and templates in jenkins job builder?

you can append the path to the ...READ MORE

answered Apr 2, 2018 in Jenkins by ajs3033
• 7,280 points
311 views
+13 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 26, 2018 in DevOps & Agile by DragonLord999
• 8,380 points
152 views
0 votes
1 answer
0 votes
1 answer
0 votes
2 answers

How do I secure my jenkins build?

Anyone can make use of the URL ...READ MORE

answered Aug 7 in Jenkins by Sirajul
• 26,100 points
45 views