Jenkins: Accessed denied after turning on global security. How to revert?
Solution 1:
edit the config.xml and replace the following two xml tags with the below version. Then restart your server.
<authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
<securityRealm class="hudson.security.SecurityRealm$None"/>
Beware, your existing tags are probably spanning over several lines each.
Solution 2:
You are getting this error because you enabled the security but don't have any user with permissions. To solve this problem, first edit config.xml and set useSecurity to false
I assume that you want to use local authentication (a local db of users) rather than an external db (i.e., LDAP). Follow the steps below taken from Jenkins Documentation.
- Go to the Configure Global Security screen (http://server/jenkins/configureSecurity/) and choose "enable security". An alternate URL to try is http://server:8080/configureSecurity.
- Select "Jenkins's own user database" as the security realm
- Place a check mark next to "Allow users to sign up"
- Select "Matrix-based security" as the authorization
- Give anonymous user the read access
- In the text box below the table, type in your user name (you'd be creating this later) and click "add"
- Give yourself a full access by checking the entire row for your user name
- Scroll all the way to the bottom, click "save"
Tested with version 1.566.
I suggest to revert the changes suggested in the accepted answer as it is likely to affect the steps above.
Solution 3:
Two-liner fix (run on the server):
sudo ex +g/useSecurity/d +g/authorizationStrategy/d -scwq /var/lib/jenkins/config.xml
sudo /etc/init.d/jenkins restart
Note: The sudo permission is required, or run as root.
Then login to Jenkins as usual and reconfigure the security again.