Jenkins: Accessed denied after turning on global security. How to revert?

Solution 1:

edit the config.xml and replace the following two xml tags with the below version. Then restart your server.

  <authorizationStrategy class="$Unsecured"/>
  <securityRealm class="$None"/>

Beware, your existing tags are probably spanning over several lines each.

Solution 2:

You are getting this error because you enabled the security but don't have any user with permissions. To solve this problem, first edit config.xml and set useSecurity to false

I assume that you want to use local authentication (a local db of users) rather than an external db (i.e., LDAP). Follow the steps below taken from Jenkins Documentation.

  1. Go to the Configure Global Security screen (http://server/jenkins/configureSecurity/) and choose "enable security". An alternate URL to try is http://server:8080/configureSecurity.
  2. Select "Jenkins's own user database" as the security realm
  3. Place a check mark next to "Allow users to sign up"
  4. Select "Matrix-based security" as the authorization
  5. Give anonymous user the read access
  6. In the text box below the table, type in your user name (you'd be creating this later) and click "add"
  7. Give yourself a full access by checking the entire row for your user name
  8. Scroll all the way to the bottom, click "save"

Tested with version 1.566.

I suggest to revert the changes suggested in the accepted answer as it is likely to affect the steps above.

Solution 3:

Two-liner fix (run on the server):

sudo ex +g/useSecurity/d +g/authorizationStrategy/d -scwq /var/lib/jenkins/config.xml
sudo /etc/init.d/jenkins restart

Note: The sudo permission is required, or run as root.

Then login to Jenkins as usual and reconfigure the security again.