Hi Bruno,may be you're right, I read long time ago, but actually don't remember exactly the RFC.So now I have just implemented such configuration with Apache 2.2.Into the document root I have created a .htaccess with this configuration:AuthType BasicAuthName "Root Restricted Files"AuthBasicProvider fileAuthUserFile /var/www/.htpasswdrequire valid-userAfter I created a directory /var/www/test1 where I have created a new .htaccess file with this configuration:AuthType BasicAuthName "Test1 Restricted Files"AuthBasicProvider fileAuthUserFile /var/www/test1/.htpasswdrequire valid-userInto /var/www/.htpasswd there is:# htpasswd -bn root passwordroot:UYMXijHR5MW42Into /var/www/test1/.htpasswd there is:# htpasswd -bn test1 password1test1:P5ENtSmla14FQWell, it is working pretty well, please try it.I have also tried to add a third directory with different credential, every thinks works like a charm :)Best,Vincenzo2013/5/21 Bruno Tréguier <Bruno.Treguier@shom.fr>Le 21/05/2013 à 11:07, Vincenzo D'Amore a écrit :
> Hi Miguel,Hello Vincenzo and Miguel,
> yes it is possible, you could add a couple of file in each directory
> (.htaccess and .htpasswd).
> Those files should override the root authentication configuration with a
> new local config.
> I suggest to read here how to implement such configuration:
I've been looking for such a configuration as well long ago, and I had
come to the conclusion that it was not possible, as only *one*
Authorization header is allowed (as far as I know).
RFC2616 (HTTP/1.1) also states, in its §14.8:
"If a request is authenticated and a realm specified, the same
credentials SHOULD be valid for all other requests within this realm".
So, as I undestand it, you cannot use a login/password pair for a local
resource accessible via, e.g., "/a/", and another login/password pair
for another local resources located "under", e.g. "/a/b/" (as accessing
/a/b/'s realm implies accessing "/a/'s realm first).
I may be wrong, that being said, but if anyone has a solution for that,
I'd love to read how it was implemented.
- Service Hydrographique et Oceanographique de la Marine - DMGS/INF
- 13, rue du Chatellier - CS 92803 - 29228 Brest Cedex 2, FRANCE
- Phone: +33 2 98 22 17 49 - Email: Bruno.Treguier@shom.fr