Make this example actually, y'know, work.

author Rich Bowen <rbowen@apache.org>

Sat, 28 May 2016 14:37:43 +0000 (14:37 +0000)

committer Rich Bowen <rbowen@apache.org>

Sat, 28 May 2016 14:37:43 +0000 (14:37 +0000)
author Rich Bowen <rbowen@apache.org>
Sat, 28 May 2016 14:37:43 +0000 (14:37 +0000)
committer Rich Bowen <rbowen@apache.org>
Sat, 28 May 2016 14:37:43 +0000 (14:37 +0000)
diff --git a/docs/manual/mod/mod_auth_form.xml b/docs/manual/mod/mod_auth_form.xml

index a5004a5a6084d5018f8aa8a3c18a047a8f217bd8..465e73f0ed5cb885c83aa8c71b1d8d507fcd98d6 100644 (file)
--- a/docs/manual/mod/mod_auth_form.xml
+++ b/docs/manual/mod/mod_auth_form.xml
@@ -81,9 +81,9 @@
      AuthType form
      AuthName "/admin"
      AuthFormLoginRequiredLocation "http://example.com/login.html"
+
      Session On
      SessionCookieName session path=/
-    SessionCryptoPassphrase secret
  
      Require valid-user
  </Location>
@@ -96,13 +96,17 @@
        <directive module="mod_authn_file">AuthUserFile</directive> specify that usernames
        and passwords should be checked against the chosen file.</p>
  
-      <p>The directives <directive module="mod_session">Session</directive>,
-      <directive module="mod_session_cookie">SessionCookieName</directive> and
-      <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> create an
-      encrypted session stored within an HTTP cookie on the browser. For more information
+      <p>The directives <directive module="mod_session">Session</directive> and
+      <directive module="mod_session_cookie">SessionCookieName</directive> 
+      session stored within an HTTP cookie on the browser. For more information
        on the different options for configuring a session, read the documentation for
        <module>mod_session</module>.</p>
  
+      <p>You can optionally add a 
+      <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> to 
+      create an encrypted session cookie. This required the additional
+      module <module>mod_session_crypto</module> be loaded.</p>
+
        <p>In the simple example above, a URL has been protected by
        <module>mod_auth_form</module>, but the user has yet to be given an opportunity to
        enter their username and password. Options for doing so include providing a
@@ -144,10 +148,9 @@
      AuthFormProvider file
      AuthUserFile "conf/passwd"
      AuthType form
-    AuthName realm
+    AuthName /admin
      Session On
      SessionCookieName session path=/
-    SessionCryptoPassphrase secret
  &lt;/Location&gt;
          </highlight>
        </example>
@@ -212,7 +215,6 @@ AuthName realm
  AuthFormLoginRequiredLocation "http://example.com/login.html"
  Session On
  SessionCookieName session path=/
-SessionCryptoPassphrase secret
          </highlight>
        </example>
  
@@ -311,7 +313,6 @@ AuthName realm
  AuthFormLogoutLocation "http://example.com/loggedout.html"
  Session On
  SessionCookieName session path=/
-SessionCryptoPassphrase secret
          </highlight>
        </example>
  
@@ -330,7 +331,6 @@ AuthFormLogoutLocation "http://example.com/loggedout.html"
  Session On
  SessionMaxAge 1
  SessionCookieName session path=/
-SessionCryptoPassphrase secret
          </highlight>
        </example>
author	Rich Bowen <rbowen@apache.org>
	Sat, 28 May 2016 14:37:43 +0000 (14:37 +0000)
committer	Rich Bowen <rbowen@apache.org>
	Sat, 28 May 2016 14:37:43 +0000 (14:37 +0000)