Security

Security Tab in Jenkins

The Security Tab in Jenkins provides a centralized place for managing the security settings of your Jenkins instance, focusing on authentication and authorization.

Authentication

Authentication is the process of verifying the identity of a user attempting to access Jenkins. Jenkins supports several authentication methods, including:

  • Jenkins’ Own User Database: Default authentication method where users are managed directly in Jenkins.
  • LDAP: Integrates with corporate directories for centralized user management.

Authorization Modes

Authorization determines what authenticated users are allowed to do in Jenkins. The main modes include:

  1. Matrix-based Security:
    • Provides fine-grained control over permissions.
    • Allows administrators to assign specific permissions to individual users or groups.
  2. Project-based Matrix Authorization Strategy:
    • Extends matrix-based security to individual projects.
    • Enables per-project access control for users and groups.
  3. Legacy mode:
    • A simpler authorization method where users are assigned roles.
    • Less flexible than matrix-based security but easier to manage for small setups.
  4. Logged-in Users Can Do Anything:
    • Grants full access to all logged-in users.
    • Suitable for small or trusted environments.
  5. Anyone Can Do Anything:
    • Disables security entirely.
    • Suitable for non-critical environments or testing purposes.
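
To check which of these modes an instance is actually running, the authorization strategy can be read from the controller's config.xml. The following is an added example, not part of the original page or of Jenkins itself: it maps the stored class name to the mode names above and flags the permissive modes and matrix entries that grant Administer to the built-in `anonymous` or `authenticated` identities. The function names, finding texts and the sample file are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# config.xml class names mapped to the mode names used on this page.
AUTHZ = {
    "hudson.security.AuthorizationStrategy$Unsecured": "Anyone Can Do Anything",
    "hudson.security.FullControlOnceLoggedInAuthorizationStrategy": "Logged-in Users Can Do Anything",
    "hudson.security.LegacyAuthorizationStrategy": "Legacy mode",
    "hudson.security.GlobalMatrixAuthorizationStrategy": "Matrix-based Security",
    "hudson.security.ProjectMatrixAuthorizationStrategy": "Project-based Matrix Authorization Strategy",
}
ADMIN = "hudson.model.Hudson.Administer"
BROAD_SIDS = {"anonymous", "authenticated"}  # built-in identities covering many users

def parse_grant(text):
    """Split a matrix <permission> entry ('PERM:sid' or 'USER|GROUP|EITHER:PERM:sid')."""
    parts = text.strip().split(":")
    if parts[0] in {"USER", "GROUP", "EITHER"}:
        parts = parts[1:]
    return parts[0], ":".join(parts[1:])

def audit(config_xml):
    """Return (mode, findings) for the text of a Jenkins config.xml."""
    # Jenkins writes an XML 1.1 declaration, which Python's expat-based parser does not accept.
    root = ET.fromstring(re.sub(r"^\s*<\?xml[^>]*\?>", "", config_xml, count=1))
    authz = root.find("authorizationStrategy")
    cls = authz.get("class", "") if authz is not None else ""
    mode = AUTHZ.get(cls, cls or "none")
    findings = []
    if mode == "Anyone Can Do Anything":
        findings.append("security disabled: full access without login")
    elif mode == "Logged-in Users Can Do Anything":
        findings.append("every logged-in user has full access")
    elif "Matrix" in mode:
        for el in authz.iter("permission"):
            perm, sid = parse_grant(el.text or "")
            if perm == ADMIN and sid in BROAD_SIDS:
                findings.append(f"Administer granted to '{sid}'")
    return mode, findings

# Constructed sample, not taken from a real instance.
SAMPLE = """<?xml version='1.1' encoding='UTF-8'?>
<hudson>
  <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>USER:hudson.model.Hudson.Administer:alice</permission>
    <permission>GROUP:hudson.model.Hudson.Administer:authenticated</permission>
    <permission>hudson.model.Hudson.Read:anonymous</permission>
  </authorizationStrategy>
</hudson>"""
```

Calling `audit(SAMPLE)` reports the matrix mode with one finding, the Administer grant to `authenticated`; the named user `alice` and the anonymous read grant are not flagged.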