From 9605760cff84574a013bf337f6cefae2b4f424f6 Mon Sep 17 00:00:00 2001 From: Eric Covener Date: Sun, 19 Feb 2023 18:59:44 +0000 Subject: [PATCH] fixups vs. early in check_authn [skip ci] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907762 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/mod_auth_basic.xml | 6 ++++++ docs/manual/mod/mod_ssl.xml | 8 +++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/docs/manual/mod/mod_auth_basic.xml b/docs/manual/mod/mod_auth_basic.xml index 49536ed8b33..4f0a3271baf 100644 --- a/docs/manual/mod/mod_auth_basic.xml +++ b/docs/manual/mod/mod_auth_basic.xml @@ -131,6 +131,12 @@ username and password will be used. To disable fake basic authentication for an URL space, specify "AuthBasicFake off".

+ + The Authorization header added by this directive is not + input into any authentication or authorization within the local + server. It is designed to be passed along to upstream servers. + +

In this example, we pass a fixed username and password to a backend server.

diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index e196e6e2fd8..dbe3345da79 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -1538,7 +1538,13 @@ The available options are:

Note that the AuthBasicFake directive within mod_auth_basic can be used as a more general mechanism for faking basic authentication, giving control over the - structure of both the username and password.

+ structure of both the username and password.

+ + Unlike the FakeBasicAuth + option, the AuthBasicFake directive + does not set an Authorization header early enough to be processed by authentication + and authorization in the local server, it is only intended for upstream servers. +

The usernames used for FakeBasicAuth must not -- 2.47.2