Security
Documentation Map
-
Security
-
Channel:
stable -
Source repo:
JaddaHelpifyr/jhf-loom
Security
Tool / Contract Summary
This page documents the active security boundary of the live Loom runtime. Security here means identity source, trusted ingress, ACL ownership, secret handling, and forbidden shadow truth.
Current Verified State
Verified now:
- public login starts through the trusted OIDC bridge
jhf-heddleremains the only IdPjhf-openclaw-envremains the only public ingress owner- authenticated repository/API access succeeds only with a valid bridge session
- logout returns the repository/API path to
401
Available Now
Identity posture:
- identity source:
jhf-heddle/ Keycloak - canonical public auth mode: proxy-SSO via
jhf-openclaw-env - direct Alfresco-to-Keycloak is not the canonical public path
Authorization posture:
- ACL and content authorization remain inside the Loom content runtime
Network posture:
- public access through
<internal-runtime-redacted> - raw container ports loopback-only
- internal runtime services are not public surfaces
Public Surfaces
https://<internal-runtime-redacted>/https://<internal-runtime-redacted>/share/https://<internal-runtime-redacted>/alfresco/
Contract Families
Security-relevant Fabric posture is consumed, not defined, here. Loom must not become a second governance or identity truth source.
Readiness / Drift / Monitoring
- security acceptance depends on the real trusted public path
- a local-only green state is not enough
- direct raw port access is not an accepted substitute for trusted ingress
Secret Handling
- no Keycloak client secrets in git
- no registry credentials in git
- no ingress secrets in git
- no local duplication of Fabric-owned policy truth
Known Limits
- the direct Alfresco-to-Keycloak path is not documented as the canonical public path
- this repo documents the Loom-side boundary but does not own Keycloak realm or Caddy/TLS configuration
License: AGPLv3.
Helpifyr: https://helpifyr.com