Jenkins: Security

Per-Project Access Control
If your Jenkins® installation hosts sensitive projects that must be visible to a restricted set of people, define permissions at the individual project level so that different people have access to different sets of projects. Or if you just want to have a single set of access rights across all your projects, Jenkins can be configured that way, too.

LDAP Integration
Jenkins can use your existing LDAP server to authenticate and authorize users. For most typical LDAP schemas, you need no more configuration information than the LDAP server name and, even if your schema is unique, you can still integrate by specifying a few additional options.

With LDAP integration handled this way, your users do not need separate passwords for the different applications on your network.

Zero Configuration Active Directory Integration
Jenkins comes with built-in Active Directory support. If you run Jenkins on a Windows machine that participates in a domain, the configuration is truly zero-conf. You just tell Jenkins to use Active Directory and it’ll figure out everything else on its own! If you run Jenkins on a Unix machine, just tell it the Active Directory domain name and, again, Jenkins will figure everything out.

Active Directory support works correctly with a domain with forests, too.

SSO Integration: Atlassian Crowd, CAS, SourceForge Enterprise Edition, CollabNet TeamForge
Take advantage of the plugins that the community has developed to integrate Jenkins with SSO software like Atlassian Crowd or CAS, or delegate authentication to existing software like CollabNet TeamForge so that the user maintains a single identity across your network.

This part of Jenkins is extensible, so a custom plugin would enable you to integrate with any other SSO software or other services.

Wiki Syntax for Descriptions
In places such as project descriptions and build descriptions, you can use a common Wiki syntax (such as Confluence, TWiki, etc.) instead of letting users write raw HTML. In security-sensitive environments, this prevents users from mounting XSS attacks.

The registered trademark Jenkins® is used pursuant to a sublicense from the Jenkins project and Software in the Public Interest, Inc.