Collabora - nextcloud security model

Given the general config I have:

What is the security mechanism of collabora which verifies service use, and document reads to be originating from authenticated users only? That is -given there is no process interop, and nextcloud uses the exact same (public) domain as open internet does- how does collabora knows that an incoming request have been authorized?

This is very concering to me, as all the documentation is basically pointing to having installations open to the wide internet. What stops external parties from just using my collabora instance? And even worse, if the collabora app gets rooted, they can read all my documents?

Tangentially related, what are standard, HTTP-based ways to secure collabora, such so that it remains accessible via the app? Specifically, attempting to put it behind client-side certificates, while works for desktop + browser combination, fails to load in the app, as the client-side certs aren’t loaded with the web page. Any other suggestions on how to secure the collabora installation?

Thanks.

Hi security-interest,

you will find all the answers of your questions in the admin doc section from nextcloud (reverse proxy) and the detailed explained collabora config file in /etc/loolwsd/loolwsd.xml.

Regards