The Jenkins continuous integration system doesn’t perform any security checks by default. While this may not be a problem in certain situations, if your installation is going to be exposed to the internet (or any other untrusted environment) it’s a good idea to implement some security checks. In this example, we’ll walk you through a common setup: allowing Jenkins to maintain its own user database, and then show you how to grant a specified user with full administrative privileges.
Note, this tutorial uses Jenkins and uberSVN. uberSVN is free to download and free to use, simply visit http://www.wandisco.com/ubersvn to get started.
1) Open the ‘Jenkins’ tab in your uberSVN installation and select the ‘Manage Jenkins’ option.
2) Select the ‘Configure Systems’ option.
3) Select the ‘Enable security’ option. This will bring up some additional options.
4) Select ‘Jenkins’s own user database’ under the ‘Security Realm’ heading, and ensure the ‘Allow users to sign up’ checkbox is ticked.
5) Under ‘Authorization,’ select ‘Matrix-based security.’ This will bring up a new table.
6) In the table select ‘Overall – Read’ for anonymous users.
7) Type your username into the ‘User/group to add” box and click ‘add.’ Your username will now appear in the table.
8) Make sure every permission for your username is ticked, to give yourself full access.
9) Select the ‘Save’ button at the bottom of the page. You have now configured Jenkins’ security settings!
Need more Subversion know-how? After getting a great response from the Apache Subversion community in 2011, Subversion Live is back for 2012, bringing the Subversion community sessions covering everything from Subversion’s future, to expert-led best practices workshops, as well as the unique opportunity to meet the core Subversion committers.