I configured my Jenkins server to only use HTTPS and enabled security. As well I don't like anybody who's not logged on to see the Dashboard (even if it would be empty). Here for I disabled the 'read' access for 'anonymous'.

So far all this works exactly to my likings :)

But wanting to add some build notification functionality to remote clients by e.g. using something like 'CCtray' I run into trouble. The access to the https://<SERVER>/cc.xml now only works for logged in users. Where I would have liked to be able to get those notifications for 'anonymous'.

Probably combining these wishes is kind of contradictory - I suppose?

Maybe someone has a better idea which could match my likings?

Possibly any other notification tool which can be used???

For the Mercurial hook triggering the sw-builds I can use a construction like

curl --cacert <CERTIFICATE> https://<USER>:<PASSWORD>@<SERVER>/job/MyPROJECT/build?delay=0sec

But a similar approach for the URL in CCtray doesn't seem to work.

I've just started using the cctray Jenkins transport extension. Early days, but it seems to work as advertised and is connecting to our secure server perfectly happily.

Currently, the only significant limitation seems to be that if your password expires there's no way to re-enter your credentials.

For Jenkins servers without anonymous access, you can use Catlight build notification tool. You can provide access token or username/password to authenticate to your server.

I you have a self-signed ssl certificate, make sure that you add it to trusted by OS. That way, most applications will recognize it and connect to server without warnings.

Adding to @MrBlueSky 's answer, you can avoid the password expiration hassle; simply use a Jenkins-issued API Token instead of your password.

1. Log into Jenkins
2. Click your username (in the upper right corner)
3. Click Configure (in the left navbar)
4. Click Show API Token
5. Use this token in place of your password when setting up the Jenkins Transport settings