-
Improvement
-
Resolution: Fixed
-
Minor
-
Initial configuration of a new Jenkins installation.
During the initial configuration of Jenkins, if the Security Realm of "Jenkins own user database" is selected, it should prompt to create at least 1 administrative user (if none exist) before saving the configuration. Currently it's fairly easy to lock oneself out if no local users exist and this configuration is saved.
- links to
As long as you allow signup, the first user to do that becomes admin.
As long as anonymous is allowed to administer, you can still create users.
It's only relevant if you don't allow signup, and don't give the anonymous user any permissions. In that case, it's bad, true.