doc: Include the header use of htextauth.

author Fredrik Tolf <fredrik@dolda2000.com>

Wed, 13 Apr 2011 11:52:31 +0000 (13:52 +0200)

committer Fredrik Tolf <fredrik@dolda2000.com>

Wed, 13 Apr 2011 11:53:45 +0000 (13:53 +0200)
author Fredrik Tolf <fredrik@dolda2000.com>
Wed, 13 Apr 2011 11:52:31 +0000 (13:52 +0200)
committer Fredrik Tolf <fredrik@dolda2000.com>
Wed, 13 Apr 2011 11:53:45 +0000 (13:53 +0200)
diff --git a/doc/htextauth.doc b/doc/htextauth.doc

index d124652..b985492 100644 (file)
--- a/doc/htextauth.doc
+++ b/doc/htextauth.doc
@@ -28,6 +28,11 @@ so that the authentication program does not have to be called for each
  and every request. Cached credentials are cleared from the cache when
  they have not been used for over 30 minutes.
  
+When authentication succeeds, *htextauth* removes the HTTP
+`Authorization` header from the request before passing the request on
+to the child handler, and adds the `X-Ash-Remote-User` header in its
+place, containing the name of the authenticated user.
+
  If the child handler exits, *htextauth* exits as well.
  
  OPTIONS
author	Fredrik Tolf <fredrik@dolda2000.com>
	Wed, 13 Apr 2011 11:52:31 +0000 (13:52 +0200)
committer	Fredrik Tolf <fredrik@dolda2000.com>
	Wed, 13 Apr 2011 11:53:45 +0000 (13:53 +0200)