From fa523e8d09fa944181ee438765509d97f086d6d6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= <misi@niif.hu>
Date: Tue, 28 Aug 2018 16:34:34 +0200
Subject: [PATCH] Add more explanation to REST auth mechanism to config

---
 examples/etc/turnserver.conf | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/examples/etc/turnserver.conf b/examples/etc/turnserver.conf
index 77591174..1623adde 100644
--- a/examples/etc/turnserver.conf
+++ b/examples/etc/turnserver.conf
@@ -179,8 +179,9 @@
 #no-auth
 
 # TURN REST API flag.
+# (Time Limited Long Term Credential)
 # Flag that sets a special authorization option that is based upon authentication secret.
-# This feature cannot be used with the long-term credential mechanism.
+#
 # This feature's purpose is to support "TURN Server REST API", see
 # "TURN REST API" link in the project's page 
 # https://github.com/coturn/coturn/
@@ -197,6 +198,22 @@
 # The actual value of the secret is defined either by option static-auth-secret,
 # or can be found in the turn_secret table in the database (see below).
 # 
+# Read more about it:
+#  - https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00
+#  - https://www.ietf.org/proceedings/87/slides/slides-87-behave-10.pdf
+#
+# Be aware that use-auth-secret overrides some part of lt-cred-mech.
+# Notice that this feature depends internally on lt-cred-mech, so if you set
+# use-auth-secret then it enables internally automatically lt-cred-mech option
+# like if you enable both.
+#
+# You can use only one of the to auth mechanisms in the same time because,
+# both mechanism use the username and password validation in different way.
+#
+# This way be aware that you can't use both auth mechnaism in the same time!
+# Use in config either the lt-cred-mech or the use-auth-secret
+# to avoid any confusion.
+#
 #use-auth-secret
 
 # 'Static' authentication secret value (a string) for TURN REST API only.