Authentication Settings


Out of the box, TeamCity Enterprise edition supports three authentication schemes:

  • Default Authentication
  • Windows Domain Authentication
  • LDAP Authentication

TeamCity Professional edition only supports TeamCity Default Authentication.

The active authentication scheme is configured in the auth-type section of the main-config.xml file located in the <TeamCity data directory>/config directory, for example:

<auth-type>
    <!-- Active login module class, see below -->
    <login-module class="jetbrains.buildServer.serverSide.impl.auth.LDAPLoginModule" />
    <!-- Welcome message displayed to users on login form -->
    <login-description>Welcome to TeamCity, your team building environment!</login-description>
    <!-- Whether anonymous "view-only" logins are allowed (true|false) -->
    <guest-login allowed="true" />
    <!-- Allow users to self-register (only for modules which support this feature, e.g. DefaultLoginModule) (true|false) -->
    <free-registration allowed="false" />
</auth-type>

The authentication type is defined by the login module, the welcome message and whether anonymous login is allowed. The built-in login modules are:

  • jetbrains.buildServer.serverSide.impl.auth.DefaultLoginModule for Default Authentication
  • jetbrains.buildServer.serverSide.impl.auth.NTDomainLoginModule for Windows Domain Authentication
  • jetbrains.buildServer.serverSide.impl.auth.LDAPLoginModule for LDAP Authentication

TeamCity extensibility note: Any implementation of javax.security.auth.spi.LoginModule can be used, provided it is registered via a jetbrains.buildServer.serverSide.auth.LoginModuleDescriptor bean.
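
An added example, not part of the TeamCity documentation or code: a small Python check that reads the auth-type section described above and reports the active login module together with the guest-login and free-registration settings. The function names and the sample input are constructed for this illustration, and treating a missing tag as "not set" is an assumption.

```python
import xml.etree.ElementTree as ET

# Built-in login modules as listed on this page.
PREFIX = "jetbrains.buildServer.serverSide.impl.auth."
BUILT_IN = {
    PREFIX + "DefaultLoginModule": "Default Authentication",
    PREFIX + "NTDomainLoginModule": "Windows Domain Authentication",
    PREFIX + "LDAPLoginModule": "LDAP Authentication",
}

# Constructed sample input (not taken from a real server).
SAMPLE = """<auth-type>
  <login-module class="jetbrains.buildServer.serverSide.impl.auth.LDAPLoginModule" />
  <guest-login allowed="true" />
  <free-registration allowed="true" />
</auth-type>"""


def _allowed(auth, tag):
    # A missing tag is reported as False; the server's default is not stated on the page.
    el = auth.find(tag)
    return el is not None and el.get("allowed", "").strip().lower() == "true"


def audit_auth_type(xml_text):
    """Summarise the auth-type section and list the settings a reviewer should confirm."""
    root = ET.fromstring(xml_text)
    auth = root if root.tag == "auth-type" else root.find(".//auth-type")
    if auth is None:
        raise ValueError("no <auth-type> section found")
    module = auth.find("login-module")
    cls = module.get("class", "") if module is not None else ""
    findings = []
    if cls not in BUILT_IN:
        findings.append("login module is not one of the three built-in classes")
    guest = _allowed(auth, "guest-login")
    if guest:
        findings.append("anonymous view-only login is enabled")
    free = _allowed(auth, "free-registration")
    if free and cls == PREFIX + "DefaultLoginModule":
        findings.append("self-registration is enabled")
    elif free:
        findings.append("free-registration is set; the page names only DefaultLoginModule as supporting it")
    return {"module": cls, "scheme": BUILT_IN.get(cls, "custom or unknown"),
            "guest_login": guest, "free_registration": free, "findings": findings}


if __name__ == "__main__":
    print(audit_auth_type(SAMPLE))
```

To check a real server, pass the contents of <TeamCity data directory>/config/main-config.xml to audit_auth_type.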

Default Authentication

Configuration of <TeamCity data directory>/config/main-config.xml:

<auth-type>
    <login-module class="jetbrains.buildServer.serverSide.impl.auth.DefaultLoginModule" />
    <!-- Welcome message displayed to users on login form -->
    <login-description>Welcome to TeamCity, your team building environment!</login-description>
    <!-- Whether anonymous "view-only" logins are allowed (true|false) -->
    <guest-login allowed="true" />
    <!-- Allow users to self-register (only for modules which support this feature, e.g. DefaultLoginModule) (true|false) -->
    <free-registration allowed="true" />
</auth-type>

The user database is maintained by TeamCity. New users are added by the TeamCity administrator (in the administration area) or register themselves if the <free-registration allowed="true" /> tag is specified.

Windows Domain Authentication

Configuration of <TeamCity data directory>/config/main-config.xml:

<auth-type>
    <login-module class="jetbrains.buildServer.serverSide.impl.auth.NTDomainLoginModule" />
    <!-- Welcome message displayed to users on login form -->
    <login-description>Welcome to TeamCity, your team building environment!</login-description>
    <!-- Whether anonymous "view-only" logins are allowed (true|false) -->
    <guest-login allowed="true" />
</auth-type>

Windows Domain Authentication is supported if TeamCity server is installed under Windows 2000, Windows XP or Windows Server 2003, as well as under Unix-like OS.

Prior to TeamCity 3.1, all Windows domain users that can log on to the machine running TeamCity server can also log in to TeamCity using the same credentials.

To log in to TeamCity users should provide their user name in the form DOMAIN\user.name and their domain password. Starting with the 3.1 version, TeamCity also supports logging in using <username>@<domain> syntax. It is also possible to log in using only a username if the domain is added to the <TeamCity data directory>/config/ntlm-config.properties file.

Windows Domain Authentication on Unix-like Computers

TeamCity supports Windows Domain Authentication on Unix-like computers. For this to work, check the <TeamCity data directory>/config/ntlm-config.properties file and make sure the following line is commented out.

# ntlm.compatibilityMode=true

Please refer to the http://jcifs.samba.org/src/docs/api/ page for information about other supported properties.

If you want to use the NT domain authentication available in TeamCity versions prior to 3.1, ensure the line ntlm.compatibilityMode=true is present and not commented out in the ntlm-config.properties file.

LDAP Authentication

Please refer to the corresponding section.




  1. Mar 04

    Heikki Rauhala says:

    Is it possible to change the authentication scheme of a running system?

    I installed TeamCity, started up without LDAP, then configured LDAP authentication, but could not figure out how to assign the administrator role to an LDAP user that had not yet registered. I had not yet configured too many things, so I just cleaned the database and got an administrator account. However, it would be nice if this page would describe that you have to set up LDAP before you do the initial login, or how to assign the administrator role.