Jenkins security - hide all screens unless user is logged in Jenkins security - hide all screens unless user is logged in jenkins jenkins

Jenkins security - hide all screens unless user is logged in


jenkins continuous-integration

This can be done with the Role-Strategy plugin.

Install the plugin, add a new group called "Anonymous" and uncheck everything. Then you want to add another group called "authenticated" and check everything. Add your existing users to this group. Jenkins will immediately prompt you for a login this way.

jenkins continuous-integration

You can use https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin

it allows to specify to define roles and assign roles to users, users with no roles won't even see the jenkins ui.

jenkins continuous-integration

Answer to an old question but I came searching here as I am trying to auto spin up a Jenkins instance on Docker and found the same issue.

Good chance this option wasn't available when the question was asked. As of this moment (v2.222.3 but not sure how far back), it turns out you can do this without installing any additional plugins.

Manually

  • Navigate to Global Security (Jenkins > Manage Jenkins > Global Security)

  • Update the Authorization section to "Logged-in users can do anything".

    UNCHECK Allow anonymous read access

enter image description here

Any unauthenticated access will redirect to login now.

I would note that if you setup Jenkins through the setup wizard then anonymous read access is disabled by default. If you want this behaviour AND want to configure jenkins automatically, read on.

Automated with Docker

My situation is that I wanted to check out my repo, run my compose file and have all my config/users/plugins etc ready to go. Great post here with more detail if interested.

In a nutshell:

Dockerfile

FROM jenkins/jenkins:lts-alpine# Disable setup wizard since security.groovy creates our userENV JAVA_OPTS="-Djenkins.install.runSetupWizard=false"COPY security.groovy /usr/share/jenkins/ref/init.groovy.d/security.groovy

security.groovy

#!groovyimport jenkins.model.*import hudson.security.*def instance = Jenkins.getInstance()// Create Admin Userdef hudsonRealm = new HudsonPrivateSecurityRealm(false)hudsonRealm.createAccount("admin", "admin") // Dont do this. This is badinstance.setSecurityRealm(hudsonRealm)// Set Auth to Full Control Once Logged In and prevent read-only accessdef strategy = new FullControlOnceLoggedInAuthorizationStrategy()strategy.setAllowAnonymousRead(false)instance.setAuthorizationStrategy(strategy)instance.save()

In particular, strategy.setAllowAnonymousRead(false) is what's needed

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last