-
Bug
-
Resolution: Fixed
-
Minor
-
Jenkins 2.5 running on Ubuntu 16.04, installed from "latest version" http://pkg.jenkins-ci.org/debian PPA repository. github-plugin is version 1.19.1, with no available updates shown in Jenkins.
I started to set up GitHub webhooks with Jenkins, and I got it working as https://jenkins.mydomain.com/github-webhook/ - without any username and password provided by GitHub. I want to secure it with a username and password (or some other means, if there's a better/more commonly used auth method for this), but before that I want to make sure that this unauthenticated webhook URL access is secured so that it's not freely.
I'm using global security with built-in Active Directory and Project-based Matrix Authorization Strategy, and anonymous users don't have any access to anything. My Jenkins server is behind an apache2 reverse-proxy.