diff --git a/doc/adminguide.html b/doc/adminguide.html
index da25388..0568ae3 100755
--- a/doc/adminguide.html
+++ b/doc/adminguide.html
@@ -243,6 +243,37 @@ URL = http://your.proxy.host/subdir/
into elogd.cfg.<p>
+<h3><hr><i>Using apache authentication:</i></h3>
+It is also possible to login via an apache-auth module.
+In elogd.cfg you should use the keyword "Webserver" for Authentication:
+
+<ul><pre>
+Authentication = Webserver
+</pre></ul>
+This triggers elogd to use the environment variable "X-Forwarded-User" as the logged in user.
+A simple example of a apache configuration (including the proxy) is :
+<ul><pre>
+# this required to pass on the generated env-variable X-Forwarded-User to the proxy
+ProxyPassInterpolateEnv On
+
+ProxyPass /elog/ http://your.host.domain:8080/
+
+<Location "/elog">
+ Order allow,deny
+ Allow from all
+ AuthType Basic
+ AuthName "elog-server"
+ AuthUserFile "/opt/elog/htpasswd"
+ require valid-user
+ RequestHeader unset Authorization
+ RequestHeader add X-Forwarded-User %{REMOTE_USER}s
+ # elog doesn't like the '@', so we need to cut it
+ RequestHeader edit X-Forwarded-User "@(.*)$" ""
+</Location>
+</pre></ul>
+
+
+
<hr><a name="imagemagick"> <div class=section> Installing ImageMagick </div> <p>
When images are attached to ELOG entries, thumbnails can be created for quick preview.
This works also for PDF and PostScript files. ELOG forwards any image operation
diff --git a/doc/config.html b/doc/config.html
index 9848f58..9e98855 100755
--- a/doc/config.html
+++ b/doc/config.html
@@ -2207,6 +2207,22 @@ Options Location = Main Building{a}, New Building{b}, Old Building{c}
you have to change your password by other means (such as via the Windows
login if you use a Windows Domain).
</p>
+ <p>
+ Beside the Kerberos authentication, elogd version 3.0 and higher can be configured to accept a authentication done
+ by the webserver.
+ <ul>
+ <li>
+ <b><code>Authentication = Webserver</code></b>
+ </li>
+ </ul>
+ </p>
+ <p>
+ You can also combine it with other authentication methods as shown for Kerberos.
+ </p>
+ <p>
+ Elogd is then accepting the username set in the Request-Header "X-Forwarded-User" as already logged in.<br/>
+ To make this work, you need to configure the webserver correctly, as describe in the adminguide.
+ </p>
<p>
<a name="email" id="email"></a>
|