63
votes

I choose to use "Jenkins's own user database" security realm for user login as I couldn't use LDAP in my company. And Google's OpenID has issue when you decided to change the hostname or port number to something else.

And I use "Project-based Matrix Authorization Strategy" schema for my security.

But I don't seem to able to create my own group, and add users to the group to manage the permission.

3
I just checked and I can't find group support for internal users either. How many people will be in your group. Can't you just add permissions individually? If you need group support you may need to use one of the alternative authentication mechanisms supported by Jenkins.shonky linux user
I have over about 80 users, and at least 30+ projects, the matrix for adding each individually is a pain overall. Do you guys have other ways to do this? Or do you recommend me to use OpenID or other security realm for authentication? Thanksxbeta

3 Answers

71
votes

According to this posting by the lead Jenkins developer, Kohsuke Kawaguchi, in 2009, there is no group support for the built-in Jenkins user database. Group support is only usable when integrating Jenkins with LDAP or Active Directory. This appears to be the same in 2012.

However, as Vadim wrote in his answer, you don't need group support for the built-in Jenkins user database, thanks to the Role strategy plug-in.

29
votes

You could use Role Strategy plugin for that purpose. It works like a charm, just setup some roles and assign them. Even on project-specific level.

5
votes

I installed the Role plugin under Jenkins-3.5, but it does not show the "Manage Roles" option under "Manage Jenkins", and when one follows the security install page from the wiki, all users are locked out instantly. I had to manually shutdown Jenkins on the server, restore the correct configuration settings (/me is happy to do proper backups) and restart Jenkins.

I didn't have high hopes, as that plugin was last updated in 2011