Hi Bruno, may be you're right, I read long time ago, but actually don't remember exactly the RFC. So now I have just implemented such configuration with Apache 2.2.
Into the document root I have created a .htaccess with this configuration: AuthType Basic AuthName "Root Restricted Files" AuthBasicProvider file AuthUserFile /var/www/.htpasswd require valid-user After I created a directory /var/www/test1 where I have created a new .htaccess file with this configuration: AuthType Basic AuthName "Test1 Restricted Files" AuthBasicProvider file AuthUserFile /var/www/test1/.htpasswd require valid-user Into /var/www/.htpasswd there is: # htpasswd -bn root password root:UYMXijHR5MW42 Into /var/www/test1/.htpasswd there is: # htpasswd -bn test1 password1 test1:P5ENtSmla14FQ Well, it is working pretty well, please try it. I have also tried to add a third directory with different credential, every thinks works like a charm :) Best, Vincenzo 2013/5/21 Bruno Tréguier <bruno.tregu...@shom.fr> > Le 21/05/2013 à 11:07, Vincenzo D'Amore a écrit : > > Hi Miguel, > > > > yes it is possible, you could add a couple of file in each directory > > (.htaccess and .htpasswd). > > Those files should override the root authentication configuration with a > > new local config. > > > > I suggest to read here how to implement such configuration: > > > > http://httpd.apache.org/docs/2.2/howto/auth.html > > Hello Vincenzo and Miguel, > > I've been looking for such a configuration as well long ago, and I had > come to the conclusion that it was not possible, as only *one* > Authorization header is allowed (as far as I know). > > RFC2616 (HTTP/1.1) also states, in its §14.8: > > "If a request is authenticated and a realm specified, the same > credentials SHOULD be valid for all other requests within this realm". > > So, as I undestand it, you cannot use a login/password pair for a local > resource accessible via, e.g., "/a/", and another login/password pair > for another local resources located "under", e.g. "/a/b/" (as accessing > /a/b/'s realm implies accessing "/a/'s realm first). > > I may be wrong, that being said, but if anyone has a solution for that, > I'd love to read how it was implemented. > > Regards, > > Bruno > > -- > - Service Hydrographique et Oceanographique de la Marine - DMGS/INF > - 13, rue du Chatellier - CS 92803 - 29228 Brest Cedex 2, FRANCE > - Phone: +33 2 98 22 17 49 - Email: bruno.tregu...@shom.fr > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Vincenzo D'Amore email: v.dam...@gmail.com skype: free.dev mobile: +39 349 8513251
