Update nginx-ldap-auth.conf

Further refinements to comments about 'server' block and 'proxy_set_header' directives.

nginx-ldap-auth.conf

@@ -5,7 +5,7 @@ events { }
 http {
     proxy_cache_path cache/  keys_zone=auth_cache:10m;
 
-    # The back-end daemon listens on port 9000 as configured 
+    # The back-end daemon listens on port 9000 as implemented 
     # in backend-sample-app.py.  
     # Change the IP address if the daemon is not running on the
     # same host as NGINX/NGINX Plus.
@@ -13,6 +13,8 @@ http {
         server 127.0.0.1:9000;
     }
 
+    # NGINX/NGINX Plus listen on port 8081 for requests that require
+    # authentication. Change the port number as appropriate.
     server {
         listen 127.0.0.1:8081;
         server_name  localhost;
@@ -38,8 +40,8 @@ http {
         location = /auth-proxy {
             internal;
 
-            # The ldap-auth daemon listens on port 8888, as configured
-            # in the nginx-ldap-auth.py. 
+            # The ldap-auth daemon listens on port 8888, as set
+            # in nginx-ldap-auth-daemon.py. 
             # Change the IP address if the daemon is not running on
             # the same host as NGINX/NGINX Plus.
             proxy_pass http://127.0.0.1:8888;
@@ -52,12 +54,12 @@ http {
             # The following directive adds the cookie to the cache key
             proxy_cache_key "$http_authorization$cookie_nginxauth";
 
-            # In the reference implementation, the ldap-auth daemon communicates 
-            # with an OpenLDAP server, passing in the following parameters 
-            # to specify which user account to authenticate. To eliminate the 
-            # need to modify the Python code, this file contains 
-            # 'proxy_set_header' directives that correspond to the parameters. 
-            # Set or change them as instructed in the comments.
+            # As implemented in nginx-ldap-auth-daemon.py, the ldap-auth daemon  
+            # communicates with an OpenLDAP server, passing in the following  
+            # parameters to specify which user account to authenticate. To  
+            # eliminate the need to modify the Python code, this file contains 
+            # 'proxy_set_header' directives that set the values of the 
+            # parameters. Set or change them as instructed in the comments.
             #
             #    Parameter      Proxy header
             #    -----------    ----------------
@@ -70,7 +72,7 @@ http {
             #    url            X-Ldap-URL
 
             # (Required) Set the URL and port for connecting to the LDAP server,
-            # by replacing 'example.com' and '636' with the appropriate values.
+            # by replacing 'example.com' and '636'.
             proxy_set_header X-Ldap-URL      "ldaps://example.com:636";
 
             # (Required) Set the Base DN, by replacing the value enclosed in
@@ -97,12 +99,13 @@ http {
 
             # (Optional if using OpenLDAP as the LDAP server) Set the LDAP
             # template by uncommenting the following directive and replacing
-            # '(cn=%(username)s)' (the default set in the Python script):
+            # '(cn=%(username)s)' which is the default set in 
+            # nginx-ldap-auth-daemon.py.
             #proxy_set_header X-Ldap-Template "(cn=%(username)s)";
 
             # (Optional) Set the realm name, by uncommenting the following
-            # directive and replacing 'Restricted' (the default set by the
-            # Python script).
+            # directive and replacing 'Restricted' which is the default set 
+            # in nginx-ldap-auth-daemon.py.
             #proxy_set_header X-Ldap-Realm    "Restricted";
         }
     }