Add more explanation to REST auth mechanism to config

2018-08-28 16:34:34 +02:00 · 2018-08-28 16:34:34 +02:00 · fa523e8d09
commit fa523e8d09
parent 8e57960713
1 changed files with 18 additions and 1 deletions
--- a/examples/etc/turnserver.conf
+++ b/examples/etc/turnserver.conf
@ -179,8 +179,9 @@
 #no-auth

 # TURN REST API flag.
+# (Time Limited Long Term Credential)
 # Flag that sets a special authorization option that is based upon authentication secret.
-# This feature cannot be used with the long-term credential mechanism.
+#
 # This feature's purpose is to support "TURN Server REST API", see
 # "TURN REST API" link in the project's page 
 # https://github.com/coturn/coturn/
@ -197,6 +198,22 @@
 # The actual value of the secret is defined either by option static-auth-secret,
 # or can be found in the turn_secret table in the database (see below).
 # 
+# Read more about it:
+#  - https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00
+#  - https://www.ietf.org/proceedings/87/slides/slides-87-behave-10.pdf
+#
+# Be aware that use-auth-secret overrides some part of lt-cred-mech.
+# Notice that this feature depends internally on lt-cred-mech, so if you set
+# use-auth-secret then it enables internally automatically lt-cred-mech option
+# like if you enable both.
+#
+# You can use only one of the to auth mechanisms in the same time because,
+# both mechanism use the username and password validation in different way.
+#
+# This way be aware that you can't use both auth mechnaism in the same time!
+# Use in config either the lt-cred-mech or the use-auth-secret
+# to avoid any confusion.
+#
 #use-auth-secret

 # 'Static' authentication secret value (a string) for TURN REST API only.