Security Concepts

OliveTin implements a security model that covers Authentication, Authorization (via ACLs) and Accounting.

Authentication

To allow users to be Authenticated to OliveTin, there are several options to choose from;

Local Users (ie: Login with Username and Password)
OAuth2 (eg: Google, GitHub, etc)
Trusted Header (eg: Nginx, Apache, etc)
JWT (eg: Traefik, Organizr, etc)

Authorization

OliveTin’s authorization system, or permissions, is built on Access Control Lists. This is a powerful mechanism that allows you to implement very fine grained access control, or your own role based access control (RBAC).

Accounting

OliveTin’s accounting is via it’s logs. This aspect of OliveTin’s security model is poorly documented at the moment.