From 877c81532581ccd1eae1ca31367937806809f98e Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Wed, 22 Apr 2015 17:44:00 +0000
Subject: [PATCH] add a prominent caveat about the effect of caching.

PR55089


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1675436 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/mod/mod_authnz_ldap.xml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/docs/manual/mod/mod_authnz_ldap.xml b/docs/manual/mod/mod_authnz_ldap.xml
index 37a3e131c6..80e9938330 100644
--- a/docs/manual/mod/mod_authnz_ldap.xml
+++ b/docs/manual/mod/mod_authnz_ldap.xml
@@ -67,8 +67,8 @@ for HTTP Basic authentication.</description>
 <section id="contents"><title>Contents</title>
 
     <ul>
-      <li>
-        <a href="#operation">Operation</a>
+      <li> <a href="#gcaveats">General caveats</a> </li>
+      <li> <a href="#operation">Operation</a>
 
         <ul>
           <li><a href="#authenphase">The Authentication
@@ -109,6 +109,16 @@ for HTTP Basic authentication.</description>
     </ul>
 </section>
 
+<section id="gcaveats"><title>General caveats</title>
+<p> This module caches authentication and authorization results based
+on the configuration of <module name="mod_ldap">mod_ldap</module>. Changes
+made to the backing LDAP server will not be immediately reflected on the
+HTTP Server, including but not limited to user lockouts/revocations, 
+password changes, or changes to group memberships.  Consult the directives 
+in <module name="mod_ldap">mod_ldap</module> for details of the cache tunables.
+</p>
+</section>
+
 <section id="operation"><title>Operation</title>
 
     <p>There are two phases in granting access to a user. The first
-- 
2.40.0