X-Git-Url: http://git.indexdata.com/?a=blobdiff_plain;f=doc%2Flibrary-configuration.markdown;h=23b40eae94ca0ff94103b52682ae6002dced8530;hb=4ab9cd98b30fbe57ba8c67875f4cd84efd3b5c5a;hp=ee740964f21146493d39052577f3a98de8596964;hpb=9c77ee20763651018712f75847a7bb19d05dbd13;p=mkws-moved-to-github.git diff --git a/doc/library-configuration.markdown b/doc/library-configuration.markdown index ee74096..23b40ea 100644 --- a/doc/library-configuration.markdown +++ b/doc/library-configuration.markdown @@ -86,13 +86,13 @@ the "Referring URL" field. If your application accesses the Service Proxy by a unique virtual hostname -- yourname.sp-mkws.indexdata.com, say -- you can tie the use of this hostname to your library by setting the User Access record's -"Host Name" field to name of the host where the SP is accessed. NOTE -THAT THIS IS NOT SECURE, AS OTHER APPLICATIONS CAN USE THIS VIRTUAL -HOSTNAME TO GAIN ACCESS TO YOUR LIBRARY. +"Host Name" field to name of the host where the SP is accessed. **Note +that this is not secure, as other applications can use this virtual +hostname to gain access to your library.** -TODO Authentication by IP address does not yet work correctly -- see -bug MKWS-234 ("Improve SP configuration/proxying for better -authentication"). +> TODO Authentication by IP address does not yet work correctly -- see +> bug MKWS-234 ("Improve SP configuration/proxying for better +> authentication"). Alternatively, your application can authenticate by username and password credentials. This is a useful approach in several situations, @@ -114,9 +114,9 @@ authentication is used, this is very simple: + -TODO This should be the default setting +> TODO This should be the default setting And ensure that access to the MWKS application is from the correct Referrer URL or IP-range. 
@@ -125,26 +125,26 @@ Referrer URL or IP-range. When hostname-based authentication is in use, it's necessary to access the Service Proxy as the correctly named virtual host. This can be -done by setting the service_proxy_auth configuration item to a +done by setting the `service_proxy_auth` configuration item to a URL containing that hostname, such as - //yourname.sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig +`//yourname.sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig` -TODO It should be possible to change just the hostname without needing -to repeat the rest of the URL (protocol, path, query) +> TODO It should be possible to change just the hostname without +> needing to repeat the rest of the URL (protocol, path, query) -TODO When changing the SP authentication URL, the Pazpar2 URL should in -general change along with it. +> TODO When changing the SP authentication URL, the Pazpar2 URL should +> in general change along with it. ### Stage C2 (optional): embed credentials for access to the library When credential-based authentication is in use (username and password), it's necessary to pass these credentials into the Service Proxy when establishing the session. This can most simply be done just -by setting the service_proxy_auth configuration item to a URL such as - //sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig&username=mike&password=swordfish +by setting the `service_proxy_auth` configuration item to a URL such as +`//sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig&username=mike&password=swordfish` -TODO It should be possible to add the username and password to the -configuration without needing to repeat the rest of the URL. +> TODO It should be possible to add the username and password to the +> configuration without needing to repeat the rest of the URL. ### Stage D (optional): conceal credentials from HTML source 
@@ -162,13 +162,15 @@ to that local authentication URL. Here is one way to do it when Apache2 is the application's web-server, which we will call yourname.com: - - Add a rewriting authentication alias to the configuration: - RewriteEngine on - RewriteRule /spauth/ http://mkws.indexdata.com/service-proxy/?command=auth&action=check,login&username=U&password=PW [P] - - Set thwe MKWS configuration item "service_proxy_auth" to: - http://yourname.com/spauth/ - - Protect access to the local path http://yourname.com/spauth/ - (e.g. using a .htaccess file). +- Add a rewriting authentication alias to the configuration: + + RewriteEngine on + RewriteRule /spauth/ http://mkws.indexdata.com/service-proxy/?command=auth&action=check,login&username=U&password=PW [P] + +- Set the MKWS configuration item `service_proxy_auth` to + `http://yourname.com/spauth/` +- Protect access to the local path `http://yourname.com/spauth/` + (e.g. using a .htaccess file). 3. Choosing targets from the library
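Review bot: In the first hunk (@@ -86,13), the rewritten line still reads "field to name of the host where the SP is accessed"; it should be "to the name of the host". Since the warning is being restyled from capitals to bold anyway, it would also help to tell the reader what to use instead, for example by pointing at the username and password approach introduced in the next paragraph, so that the "Host Name" field is not mistaken for an access control.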
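Review bot: The trailing context of the second hunk (@@ -114,9) misspells the product as "MWKS" in "access to the MWKS application" and calls the field "Referrer URL", while the context of the first hunk calls it "Referring URL". Both are worth fixing in this cleanup so the text matches the field name in the User Access record. The TODO "This should be the default setting" would also be easier to act on if it named the setting it refers to.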
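Review bot: The Stage C2 example in the third hunk (@@ -125,26) puts the password in the query string of a protocol-relative URL, `//sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig&username=mike&password=swordfish`, so the request inherits the scheme of the embedding page and the credentials travel in cleartext whenever that page is served over http. They are also readable in the HTML source, which is the problem Stage D addresses. Suggest stating both points directly under the example and recommending an explicit https:// URL, or Stage D, whenever the credentials need protecting.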
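Review bot: The RewriteRule in the last hunk (@@ -162,13) proxies to `http://mkws.indexdata.com/service-proxy/?command=auth&action=check,login&username=U&password=PW` over plain http, so the credentials that Stage D hides from the HTML source still cross the network unencrypted between the application's Apache server and the Service Proxy; use an https:// target if the Service Proxy offers one. The pattern `/spauth/` is unanchored and matches any request path containing that string, so `^/spauth/$` would be tighter. The host here is mkws.indexdata.com while the C2 example uses sp-mkws.indexdata.com, so please confirm which is intended. Finally, "Protect access ... (e.g. using a .htaccess file)" should say what kind of restriction is meant, since the earlier section talks about Referrer URL or IP-range checks.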