Jenkins plugin

The Casdoor Jenkins plugin lets users sign in to Jenkins via Casdoor. This guide configures the plugin.

The following are some of the configuration settings:

CASDOOR_HOSTNAME: The domain name or IP where the Casdoor server is deployed.

JENKINS_HOSTNAME: The domain name or IP where Jenkins is deployed.

Step 1: Deploy Casdoor and Jenkins

After a successful deployment, ensure the following:

Set the Jenkins URL (Manage Jenkins -> Configure System -> Jenkins Location) to JENKINS_HOSTNAME.
Verify that Casdoor can be logged in and used normally.
Set the origin value of Casdoor (conf/app.conf) to CASDOOR_HOSTNAME.

Note Client ID and Client secret from the application page for the next step.

Open your favorite browser and visit http://CASDOOR_HOSTNAME/.well-known/openid-configuration to view the OIDC configuration of Casdoor.

Install the Casdoor plugin from the Jenkins marketplace or by uploading the plugin JAR.

After the installation is complete, go to Manage Jenkins -> Configure Global Security.

Suggestion: Back up the Jenkins config.xml file and use it for recovery in case of setup errors.

Jenkins' Setting

In the Security Realm section, select "Casdoor Authentication Plugin".
In the Casdoor Endpoint field, enter the CASDOOR_HOSTNAME mentioned earlier.
In the Client ID field, enter the Client ID mentioned earlier.
In the Client secret field, enter the Client secret mentioned earlier.
JWT Public Key: In Casdoor open Cert, edit your application’s cert, and copy the public key.
Organization Name and Application Name are optional; use them to restrict verification to specific orgs/apps. If empty, the plugin uses the default organization and application.
In the Authorization section, check "Logged-in users can do anything". Disable "Allow anonymous read access".
Click Save.

Jenkins will now automatically redirect you to Casdoor for authentication.