How can I ensure that my jenkins build server is accessed only by authorized users

0 votes
what's the procedure to protect my Jenkins build server from random access by anybody?
Aug 6, 2019 in Jenkins by Karan
• 19,610 points
785 views

1 answer to this question.

0 votes

Anyone can make use of the URL for accessing the Jenkins and perform the tasks of all kinds available in Jenkins. Hence, this needs to be secured. As a best practice, it is recommended to always secure Jenkins and then configure the global security.

Below are the steps to be followed in order to secure Jenkins:

  1. Deploy the Jenkins.war and start the server.

  2. Open the Jenkins home page and click on Manage Jenkins.

  3. In the Manage Jenkins page, click on Setup Security button.

  4. In the next page, select the enable security check box.

  5. Here, the very first thing to be done is to set the security realm. The easiest way to do this is to have Jenkins with our own database. To achieve this, select the option Jenkins own user database. Also, ensure that Allow users to sign up checkbox is also checked. Save the configuration.

  6. Now a link Sign up will be available. Click on the same and fill the form to sign up. Once successful, log in with the account created.



    You can see the details in the Navbar, once you are logged in.

  7. Now click on the Manage Jenkins & select Configure Global Security. Under the security realm section, uncheck the option Allow users to sign up. This will ensure that no new users can be created with your permission.

  8. Now, we need to configure the authentication for the accounts. The 2 best options preferred are Matrix-based security & Project-base project authorization strategy. This enables you to set per user for the actions which they can perform. Here, I have considered Matrix-based security


     

  9. Save the form. Logout and login again.

  10. A login page will be displayed and login with the created account.

answered Aug 6, 2019 by Sirajul
• 59,230 points

Related Questions In Jenkins

0 votes
1 answer

How do I pass value from my Fake # script to the host build server (Jenkins)

You can use the EnvInject plugin to pass environment ...READ MORE

answered Jul 11, 2018 in Jenkins by Kalgi
• 2,680 points
1,365 views
0 votes
1 answer

How Can I measure Jenkins Build Performance?

If you go to the Jenkins page ...READ MORE

answered Jul 16, 2018 in Jenkins by Kalgi
• 2,680 points
2,186 views
0 votes
1 answer

Jenkins and Docker: How can I customize my jenkins pipeline to use docker?

Jenkins Pipeline is designed to easily use ...READ MORE

answered Aug 26, 2019 in Jenkins by Sirajul
• 59,230 points
1,699 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,450 points
4,039 views
+2 votes
1 answer
0 votes
1 answer
0 votes
2 answers

How do I secure my jenkins build?

Anyone can make use of the URL ...READ MORE

answered Aug 7, 2019 in Jenkins by Sirajul
• 59,230 points
1,394 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP