fixups vs. early in check_authn

[skip ci]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907762 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/mod/mod_auth_basic.xml b/docs/manual/mod/mod_auth_basic.xml
index 49536ed8b3376e4d8ea75ff7a8d1cd00bae20787..4f0a3271bafb7e911e1644024158a5b8c5accc9a 100644 (file)
--- a/docs/manual/mod/mod_auth_basic.xml
+++ b/docs/manual/mod/mod_auth_basic.xml
@@ -131,6 +131,12 @@ username and password</description>
     will be used. To disable fake basic authentication for an URL
     space, specify "AuthBasicFake off".</p>
 
+    <note>
+    The Authorization header added by this directive is <em>not</em>
+    input into any authentication or authorization within the local 
+    server.  It is designed to be passed along to upstream servers.
+    </note>
+
     <p>In this example, we pass a fixed username and password to a
     backend server.</p>
 

diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml
index e196e6e2fd89f5ce526a91851cb3e0dfa079b498..dbe3345da796d72b867026755e6cc7c40eac4b52 100644 (file)
--- a/docs/manual/mod/mod_ssl.xml
+++ b/docs/manual/mod/mod_ssl.xml
@@ -1538,7 +1538,13 @@ The available <em>option</em>s are:</p>
     <p>Note that the <directive module="mod_auth_basic">AuthBasicFake</directive>
     directive within <module>mod_auth_basic</module> can be used as a more
     general mechanism for faking basic authentication, giving control over the
-    structure of both the username and password.</p>
+    structure of both the username and password. </p>
+
+    <note>Unlike the <code>FakeBasicAuth</code>
+    option, the <directive module="mod_auth_basic">AuthBasicFake</directive> directive
+    does not set an Authorization header early enough to be processed by authentication
+    and authorization in the local server, it is only intended for upstream servers.
+    </note>
 
     <note type="warning">
       <p>The usernames used for <code>FakeBasicAuth</code> must not