Collabora - Nextcloud security model

Given the general config I have:

What is the security mechanism of Collabora which verifies that service use and document reads originate from authenticated users only? That is, given there is no process interop and Nextcloud uses the exact same (public) domain as the open internet does, how does Collabora know that an incoming request has been authorized?

This is very concerning to me, as all the documentation is basically pointing to having installations open to the wide internet. What stops external parties from just using my Collabora instance? And even worse, if the Collabora app gets rooted, they can read all my documents?

Tangentially related, what are standard, HTTP-based ways to secure Collabora such that it remains accessible via the app? Specifically, attempting to put it behind client-side certificates, while it works for the desktop + browser combination, fails to load in the app, as the client-side certs aren’t loaded with the web page. Any other suggestions on how to secure the Collabora installation?

Thanks.

Hi security-interest,

You will find all the answers to your questions in the admin doc section from Nextcloud (reverse proxy) and in the Collabora config file, explained in detail, in /etc/loolwsd/loolwsd.xml.

Regards

I’m also looking for more background information on this. I have the same concerns, especially because some searching on the net doesn’t provide any actual answers.

The Nextcloud Admin section (Reverse Proxy) provides some information on Nextcloud, but not on how the actual integration between Nextcloud and Collabora Office is taking place. The loolwsd.xml is nice, but requires too much reverse engineering and gives too few actual pointers on how the integration, and especially the security aspect, is working.

Can anyone explain the original poster's question in somewhat simpler terms?