From 032022a5bf5bce4a4179cb0d59bad0d48209adfa Mon Sep 17 00:00:00 2001
From: Arthur Britto <ahbritto@gmail.com>
Date: Fri, 18 Jan 2013 15:38:27 -0800
Subject: [PATCH] Clarify how security works in rippled-example.cfg

---
 rippled-example.cfg           | 28 ++++++++++++++++++----------
 src/cpp/ripple/WSConnection.h |  2 +-
 2 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/rippled-example.cfg b/rippled-example.cfg
index e8fc94fb2b..9c3f12a863 100644
--- a/rippled-example.cfg
+++ b/rippled-example.cfg
@@ -114,27 +114,35 @@
 #
 # [rpc_user]:
 #   As a server, require a this user to specified and require rpc_password to
-#   be checked for RPC access.
+#   be checked for RPC access via the rpc_ip and rpc_port. The user and password
+#   must be specified via HTTP's basic authentication method.
 #
-#   As a client, supply this to the server.
+#   As a client, supply this to the server via HTTP's basic authentication
+#   method.
 #
 # [rpc_password]:
 #   As a server, require a this password to specified and require rpc_user to
-#   be checked for RPC access.
+#   be checked for RPC access via the rpc_ip and rpc_port. The user and password
+#   must be specified via HTTP's basic authentication method.
 #
-#   As a client, supply this to the server.
+#   As a client, supply this to the server via HTTP's basic authentication
+#   method.
 #
 # [rpc_admin_user]:
-#   As a server, require a this user to specified and require rpc_admin_password
-#   to be checked for RPC admin functions.
+#   As a server, require this as the admin user to be specified.  Also, require
+#   rpc_admin_user and rpc_admin_password to be checked for RPC admin functions.
+#   The request must specify these as the admin_user and admin_password in the
+#   request object.
 #
-#   As a client, supply this to the server.
+#   As a client, supply this to the server in the request object.
 #
 # [rpc_admin_password]:
-#   As a server, require a this password to specified and require rpc_admin_user
-#   to be checked for RPC admin functions.
+#   As a server, require this as the admin pasword to be specified.  Also,
+#   require rpc_admin_user and rpc_admin_password to be checked for RPC admin
+#   functions.  The request must specify these as the admin_user and
+#   admin_password in the request object.
 #
-#   As a client, supply this to the server.
+#   As a client, supply this to the server in the request object.
 #
 # [websocket_public_ip]:
 #   IP address or domain to bind to allow untrusted connections from clients.
diff --git a/src/cpp/ripple/WSConnection.h b/src/cpp/ripple/WSConnection.h
index 0bb51e9756..ca088225ec 100644
--- a/src/cpp/ripple/WSConnection.h
+++ b/src/cpp/ripple/WSConnection.h
@@ -99,7 +99,7 @@ public:
 
 		int iRole	= mHandler->getPublic()
 						? RPCHandler::GUEST		// Don't check on the public interface.
-						: iAdminGet(jvRequest, mRemoteIP);	// XXX Fix this to return the remote IP.
+						: iAdminGet(jvRequest, mRemoteIP);
 
 		if (RPCHandler::FORBID == iRole)
 		{