Update nginx-ldap-auth.conf

Tweak wording in comments, mostly for style. Changes to comments about setting the Bind DN and Base DN are required for accuracy.

nginx-ldap-auth.conf

@@ -35,7 +35,7 @@ http {
         location = /auth-proxy {
             internal;
 
-            # (Required) Set the IP address where the authorization daemon
+            # (Required) Set the IP address where the authentication daemon
             # is running, by replacing '127.0.0.1' with the appropriate
             # value. The authentication daemon listens on port 8888 as
             # configured in the Python script.
@@ -49,13 +49,12 @@ http {
             # The following directive adds the cookie to the cache key
             proxy_cache_key "$http_authorization$cookie_nginxauth";
 
-
+            # The auth daemon in the reference implementation communicates 
-            # By default, the reference implementation communicates with an
+            # with an OpenLDAP server, passing in the following parameters 
-            # OpenLDAP server, passing in the following parameters to specify
+            # to specify which user account to authenticate. To eliminate the 
-            # which user account to authenticate. To eliminate the need to
+            # need to modify the Python code, this file contains 
-            # modify the Python code, this file contains 'proxy_set_header'
+            # 'proxy_set_header' directives that correspond to the parameters. 
-            # directives that correspond to the parameters. Set or change them
+            # Set or change them as instructed in the comments.
-            # as instructed in the comments.
             #
             #    Parameter      Proxy header
             #    -----------    ----------------
@@ -71,22 +70,21 @@ http {
             # by replacing 'example.com' and '636' with the appropriate values.
             proxy_set_header X-Ldap-URL      "ldaps://example.com:636";
 
-            # (Required) Set the Base DN, by replacing 'Users', 'test', and
+            # (Required) Set the Base DN, by replacing the value enclosed in
-            # 'local' with the appropriate values.
+            # double quotes.
             proxy_set_header X-Ldap-BaseDN   "cn=Users,dc=test,dc=local";
 
-            # (Required) Set the Bind DN, by replacing 'root', 'test', and
+            # (Required) Set the Bind DN, by replacing the value enclosed in
-            # 'local' with the appropriate values.
+            # double quotes.
             proxy_set_header X-Ldap-BindDN   "cn=root,dc=test,dc=local";
 
             # (Required) Set the Bind password, by replacing 'secret'
-            # with the appropriate value.
             proxy_set_header X-Ldap-BindPass "secret";
 
             # (Required) The following directives set the cookie name and pass
-            # it, respectively. They are required if you are using
+            # it, respectively. They are required for cookie-based 
-            # cookie-based authentication. Comment them out if using HTTP
+            # authentication. Comment them out if using HTTP basic
-            # basic authentication.
+            # authentication.
             proxy_set_header X-CookieName "nginxauth";
             proxy_set_header Cookie nginxauth=$cookie_nginxauth;
 
@@ -96,13 +94,12 @@ http {
 
             # (Optional if using OpenLDAP as the LDAP server) Set the LDAP
             # template by uncommenting the following directive and replacing
-            # '(cn=%(username)s)' (the default set in the Python script) with
+            # '(cn=%(username)s)' (the default set in the Python script):
-            # the appropriate value:
             #proxy_set_header X-Ldap-Template "(cn=%(username)s)";
 
             # (Optional) Set the realm name, by uncommenting the following
             # directive and replacing 'Restricted' (the default set in the
-            # Python script) with the appropriate value.
+            # Python script).
             #proxy_set_header X-Ldap-Realm    "Restricted";
         }
     }