concepts.adoc 1.7 KB

12345678910111213141516171819202122232425262728293031323334
  1. [#auth-concepts]
  2. = Security Concepts
  3. OliveTin implements a security model that covers **Authentication**, **Authorization** (via xref:security/acl.adoc[ACLs]) and **Accounting**.
  4. == Authentication
  5. To allow users to be Authenticated to OliveTin, there are several options to choose from;
  6. - xref:security/local.adoc[Local Users] (ie: Login with Username and Password)
  7. - xref:security/oauth2.adoc[OAuth2] (eg: Google, GitHub, etc)
  8. - xref:security/trusted_header.adoc[Trusted Header] (eg: Nginx, Apache, etc)
  9. - xref:security/jwt.adoc[JWT] (eg: Traefik, Organizr, etc)
  10. == Authorization
  11. OliveTin's authorization system, or permissions, is built on xref:security/acl.adoc[Access Control Lists]. This is a powerful mechanism that allows you to implement very fine grained access control, or your own role based access control (RBAC).
  12. == Accounting
  13. OliveTin's accounting is via it's logs. This aspect of OliveTin's security model is poorly documented at the moment.
  14. == What's Next?
  15. Now that you understand OliveTin's security model, implement it for your use case:
  16. * xref:security/local.adoc[Set up local users] - Configure username/password authentication
  17. * xref:security/oauth2.adoc[Configure OAuth2] - Integrate with OAuth2 providers (Google, GitHub, etc.)
  18. * xref:security/trusted_header.adoc[Use trusted headers] - Authenticate via reverse proxy headers
  19. * xref:security/jwt.adoc[Configure JWT] - Use JWT tokens for authentication
  20. * xref:security/acl.adoc[Set up Access Control Lists] - Implement fine-grained permissions
  21. * xref:security/examples.adoc[View security examples] - See complete security configurations
  22. * xref:security/design_choices.adoc[Security design recommendations] - Learn best practices for securing OliveTin