From c27ab06b07aa14f181c52098019098dca9b65726 Mon Sep 17 00:00:00 2001
From: Rich Bowen <rbowen@apache.org>
Date: Sat, 28 May 2016 14:37:43 +0000
Subject: [PATCH] Make this example actually, y'know, work.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1745878 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/mod/mod_auth_form.xml | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/docs/manual/mod/mod_auth_form.xml b/docs/manual/mod/mod_auth_form.xml
index a5004a5a60..465e73f0ed 100644
--- a/docs/manual/mod/mod_auth_form.xml
+++ b/docs/manual/mod/mod_auth_form.xml
@@ -81,9 +81,9 @@
     AuthType form
     AuthName "/admin"
     AuthFormLoginRequiredLocation "http://example.com/login.html"
+
     Session On
     SessionCookieName session path=/
-    SessionCryptoPassphrase secret
 
     Require valid-user
 </Location>
@@ -96,13 +96,17 @@
       <directive module="mod_authn_file">AuthUserFile</directive> specify that usernames
       and passwords should be checked against the chosen file.</p>
 
-      <p>The directives <directive module="mod_session">Session</directive>,
-      <directive module="mod_session_cookie">SessionCookieName</directive> and
-      <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> create an
-      encrypted session stored within an HTTP cookie on the browser. For more information
+      <p>The directives <directive module="mod_session">Session</directive> and
+      <directive module="mod_session_cookie">SessionCookieName</directive> 
+      session stored within an HTTP cookie on the browser. For more information
       on the different options for configuring a session, read the documentation for
       <module>mod_session</module>.</p>
 
+      <p>You can optionally add a 
+      <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> to 
+      create an encrypted session cookie. This required the additional
+      module <module>mod_session_crypto</module> be loaded.</p>
+
       <p>In the simple example above, a URL has been protected by
       <module>mod_auth_form</module>, but the user has yet to be given an opportunity to
       enter their username and password. Options for doing so include providing a
@@ -144,10 +148,9 @@
     AuthFormProvider file
     AuthUserFile "conf/passwd"
     AuthType form
-    AuthName realm
+    AuthName /admin
     Session On
     SessionCookieName session path=/
-    SessionCryptoPassphrase secret
 &lt;/Location&gt;
         </highlight>
       </example>
@@ -212,7 +215,6 @@ AuthName realm
 AuthFormLoginRequiredLocation "http://example.com/login.html"
 Session On
 SessionCookieName session path=/
-SessionCryptoPassphrase secret
         </highlight>
       </example>
 
@@ -311,7 +313,6 @@ AuthName realm
 AuthFormLogoutLocation "http://example.com/loggedout.html"
 Session On
 SessionCookieName session path=/
-SessionCryptoPassphrase secret
         </highlight>
       </example>
 
@@ -330,7 +331,6 @@ AuthFormLogoutLocation "http://example.com/loggedout.html"
 Session On
 SessionMaxAge 1
 SessionCookieName session path=/
-SessionCryptoPassphrase secret
         </highlight>
       </example>
 
-- 
2.50.1