• Browse
  • Pages
  • Blog
  • Labels
  • Attachments
  • Mail
  • Advanced

  • People Directory
  • Keyboard Shortcuts
  • Confluence Gadgets
• Kohsuke Kawaguchi
  • Recently Viewed

  • Profile
  • Network
  • Labels
  • Watches
  • Drafts
  • Settings

  • Log Out

1. Dashboard
2. Jenkins
3. …
4. Home
5. Use Jenkins
6. Securing Jenkins

Securing Jenkins

Skip to end of metadata

• Page restrictions apply
• Attachments:1
• Added by Kohsuke Kawaguchi, last edited by Jesse Glick on Aug 09, 2013  (view change)
• show comment hide comment

Comment: updated some obsolete information

Go to start of metadata

Jenkins Home Mailing lists Source code Bugtracker Security Advisories Events Donation Commercial Support Wiki Site Map Documents Meet Jenkins Use Jenkins Extend Jenkins Plugins Servlet Container Notes

In the default configuration, Jenkins does not perform any security check. This means any person accessing the website can configure Jenkins and jobs, and perform builds. While this configuration is acceptable during initial evaluation of the software, Jenkins should be configured to authenticate users and enforce access control in most other situations, especially when exposed to the Internet. This setting is controlled mainly by two axes: Security Realm, which determines users and their passwords, as well as what groups the users belong to. Authorization Strategy, which determines who has access to what. These two axes are orthogonal, and need to be individually configured. For example, you might choose to use external LDAP or Active Directory as the security realm, and you might choose "everyone full access once logged in" mode for authorization strategy. Or you might choose to let Jenkins run its own user database, and perform access control based on the permission/user matrix. Topics Quick and Simple Security — if you are running Jenkins like "java -jar jenkins.war" and only need a very simple set up Standard Security Setup — discusses the most common set up of letting Jenkins run its own user database and do finer-grained access control Apache frontend for security — run Jenkins behind Apache and perform access control in Apache instead of Jenkins Authenticating scripted clients — if you need to programatically access security-enabled Jenkins web UI, use BASIC auth Help! I locked myself out! — if something goes really wrong and you can't get full access anymore Matrix-based security — Granting and denying finer-grained permissions CSRF Independently of authentication and authorization, you generally should enable to option to use “crumbs” to defend Jenkins against CSRF attacks. Markup formatting Again independently, you can select what kind of rich-text markup is permitted in things like job descriptions. The default formatter allows a restricted subset of HTML. You can choose others, typically based on wiki syntaxes. Security Implication Note that even when security is enabled, builds that are run on the “master computer” can read, or modify, files in $JENKINS_HOME. Since only Jenkins administrators should have that authority, you should generally configure the master to have no executors, and run builds only on slaves. Also, slaves that are connected to Jenkins gain the full access to the entire Jenkins build cluster, since a slave can send code to the master to be executed.

Labels parameters

Labels

Add Labels Done

Enter labels to add to this page:

 

Looking for a label? Just start typing.

Child Pages (8)

  Show Child Pages  |  Reorder Pages  |  Add Child Page

Comments (2)

 

• Hide Comments Show Comments
• Collapse All Collapsing… Expanding… Expand All
• Add Comment

1. 

   Oct 17, 2008

   dmulter - says:

   I understand the security implications on the master, but what is meant by slave...

   I understand the security implications on the master, but what is meant by slaves being able to send code to the master for execution? Can a slave build script specify actions to be executed on the master? I thought distributed builds worked by running the build on a (mostly) replicated copy of the master environment and returning results back to the master. Maybe I lack details on the whole master/slave interaction during a build. More details on this and security will help to assess the best security tradeoffs.

   • Permalink

   • Reply

2. 

   Mar 19, 2014

   Robert Berger says:

   It would be wonderful if someone could show how to setup and enable security pro...

   It would be wonderful if someone could show how to setup and enable security programmatically with Groovy or the CLI.

   I can find examples of how to set up user authentication but not how to do the base enabling of security

   • Permalink

   • Reply

Add Comment

Powered by a free Atlassian Confluence Open Source Project License granted to Jenkins. Evaluate Confluence today.

• Powered by Atlassian Confluence 3.4.7, the Enterprise Wiki
• Printed by Atlassian Confluence 3.4.7, the Enterprise Wiki.
•   |  Report a bug
•  |  Atlassian News