doc: Include the header use of htextauth.

author Fredrik Tolf <fredrik@dolda2000.com>

Wed, 13 Apr 2011 11:52:31 +0000 (13:52 +0200)

committer Fredrik Tolf <fredrik@dolda2000.com>

Wed, 13 Apr 2011 11:53:45 +0000 (13:53 +0200)
author Fredrik Tolf <fredrik@dolda2000.com>
Wed, 13 Apr 2011 11:52:31 +0000 (13:52 +0200)
committer Fredrik Tolf <fredrik@dolda2000.com>
Wed, 13 Apr 2011 11:53:45 +0000 (13:53 +0200)
diff --git a/doc/htextauth.doc b/doc/htextauth.doc

index d12465274d3ef033908441454d7aad190e0a11fc..b9854925ad1f5d045475ae781f37cd141117ee55 100644 (file)
--- a/doc/htextauth.doc
+++ b/doc/htextauth.doc
@@ -28,6 +28,11 @@ so that the authentication program does not have to be called for each
  and every request. Cached credentials are cleared from the cache when
  they have not been used for over 30 minutes.
  
+When authentication succeeds, *htextauth* removes the HTTP
+`Authorization` header from the request before passing the request on
+to the child handler, and adds the `X-Ash-Remote-User` header in its
+place, containing the name of the authenticated user.
+
  If the child handler exits, *htextauth* exits as well.
  
  OPTIONS
author	Fredrik Tolf <fredrik@dolda2000.com>
	Wed, 13 Apr 2011 11:52:31 +0000 (13:52 +0200)
committer	Fredrik Tolf <fredrik@dolda2000.com>
	Wed, 13 Apr 2011 11:53:45 +0000 (13:53 +0200)