In this hands-on lab, you will configure security contexts in Jenkins for your company by creating and applying nested folders and ensuring users only have access to items in their scope. During this lab, we will see how configuration changes apply to Jenkins’ overall security and what effect the security contexts have at each of the different levels.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Enable Project-Based Matrix Security
- Enable project-based matrix security.
- Ensure that our authenticated users have global read access at this level.
- Create Users James, Diane, and Laura
- Create new user accounts for James, Diane, and Laura.
- Take note of all passwords provided for the users.
- Check the security settings for each account using the passwords you created.
- Create the webdev Folder and Give James Access
- Create a top-level folder named
webdev
. - Enable project security and disallow inheritance.
- Add James and give him full access.
- Create a freestyle project named
test
, and set it to inherit from the parent.
- Create a top-level folder named
- Create the backend Folder and Give Diane Full Access
- Create a top-level folder named
backend
. - Configure and enable project-based security for the folder.
- Disable inheritance, add Diane, and grant her full access.
- Create a top-level folder named
- Create the tomcat Folder Inside the Backend Folder and Give Laura Access
- Go into the
backend
folder, create a new item, and create thetomcat
folder. - Configure this folder with project-based security, allow inheritance from the parent, and add Laura with full access.
- Make sure that Laura has permission to view the job on the’ backend’ folder and can see the
tomcat
folder. - Inside the
tomcat
folder, make a test freestyle project.
- Go into the
- Verify That Each User Can Only Access Their Specified Folders
- Log in as James, and verify that the user can’t access the
backend
folder. - Log in as Diane, and verify that the user cannot see the
webdev
folder but can seebackend
andtomcat
. - Log in as Laura, and verify that the user can only access the
tomcat
folder.
- Log in as James, and verify that the user can’t access the