From 6ab2710655e6a197eb0f3934273947ad2281861b Mon Sep 17 00:00:00 2001
From: Mark Craig <mark.craig@forgerock.com>
Date: Wed, 05 Jun 2013 16:49:09 +0000
Subject: [PATCH] Additional fix for OPENDJ-731 - Reference documentation for ssl-client-auth-policy values is misleading

---
 opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties b/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties
index 4ab2f19..c3f0750 100644
--- a/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties
+++ b/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties
@@ -49,11 +49,11 @@
 property.ssl-cipher-suite.synopsis=Specifies the names of the SSL cipher suites that are allowed for use in SSL communication.
 property.ssl-cipher-suite.default-behavior.alias.synopsis=Uses the default set of SSL cipher suites provided by the server's JVM.
 property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
-property.ssl-client-auth-policy.synopsis=Specifies the policy that the HTTP Connection Handler should use regarding client SSL certificates.
+property.ssl-client-auth-policy.synopsis=Specifies the policy that the HTTP Connection Handler should use regarding client SSL certificates. Clients can use the SASL EXTERNAL mechanism only if the policy is set to "optional" or "required".
 property.ssl-client-auth-policy.description=This is only applicable if clients are allowed to use SSL.
 property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients must not provide their own certificates when performing SSL negotiation.
-property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.
-property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if they do not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.
 property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL communication.
 property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
 property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.

--
Gitblit v1.10.0