emphasize that trying to use the basic auth credentials directly

is a last resort.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@949444 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/mod/mod_authnz_ldap.html.en b/docs/manual/mod/mod_authnz_ldap.html.en
index e4d8fe88bc2121136985f1480beb4b84c974441e..831f8536ab4ab8ee77a70c6d5a394f71da9781da 100644 (file)
--- a/docs/manual/mod/mod_authnz_ldap.html.en
+++ b/docs/manual/mod/mod_authnz_ldap.html.en
@@ -975,6 +975,11 @@ own username, instead of anonymously or with hard-coded credentials for the serv
      <p> If the verbatim username can't directly bind, but needs some
      cosmetic transformation, see <code class="directive"><a href="#&#10;     authldapinitialbindpattern">
      AuthLDAPInitialBindPattern</a></code>.</p>
+   
+     <p> This directive should only be used when your LDAP server doesn't 
+         accept anonymous searches and you cannot use a dedicated 
+         <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+     </p>
 
      <div class="note"><h3>Not available with authorization-only</h3>
          This directive can only be used if this module authenticates the user, and
@@ -1007,6 +1012,11 @@ to perform a DN lookup</td></tr>
     <p> The regular expression argument is compared against the current basic authentication username.
         The substitution argument may contain backreferences, but has no other variable interpolation.</p>
      
+    <p> This directive should only be used when your LDAP server doesn't 
+        accept anonymous searches and you cannot use a dedicated 
+        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+    </p>
+
     <div class="example"><p><code> AuthLDAPInitialBindPattern (.+) $1@example.com </code></p></div>
     <div class="example"><p><code> AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</code></p></div>
 

diff --git a/docs/manual/mod/mod_authnz_ldap.xml b/docs/manual/mod/mod_authnz_ldap.xml
index 430cbb2367dcf9acba8fd4d90fe327aae56d26c3..281c0f41f05818413a0e753ef5241e9b5170c6d2 100644 (file)
--- a/docs/manual/mod/mod_authnz_ldap.xml
+++ b/docs/manual/mod/mod_authnz_ldap.xml
@@ -824,6 +824,11 @@ own username, instead of anonymously or with hard-coded credentials for the serv
      <p> If the verbatim username can't directly bind, but needs some
      cosmetic transformation, see <directive module="mod_authnz_ldap">
      AuthLDAPInitialBindPattern</directive>.</p>
+   
+     <p> This directive should only be used when your LDAP server doesn't 
+         accept anonymous searches and you cannot use a dedicated 
+         <directive module="mod_authnz_ldap">AuthLDAPBindDN</directive>.
+     </p>
 
      <note><title>Not available with authorization-only</title>
          This directive can only be used if this module authenticates the user, and
@@ -852,6 +857,11 @@ to perform a DN lookup</description>
     <p> The regular expression argument is compared against the current basic authentication username.
         The substitution argument may contain backreferences, but has no other variable interpolation.</p>
      
+    <p> This directive should only be used when your LDAP server doesn't 
+        accept anonymous searches and you cannot use a dedicated 
+        <directive module="mod_authnz_ldap">AuthLDAPBindDN</directive>.
+    </p>
+
     <example> AuthLDAPInitialBindPattern (.+) $1@example.com </example>
     <example> AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</example>