htaccess and URL-based Authentication

Forum Moderators: phranque

Message Too Old, No Replies

htaccess and URL-based Authentication

thedust2010

8:26 pm on Sep 23, 2008 (gmt 0)

We have a site where all of the URLs are being rewritten using mod_rewrite rules as defined in .htaccess. I need to know how to check the URL so that all URLs that look like "mydomain.com/training" are protected using Apache authentication methods. Examples:

[mydomain.com...]
[mydomain.com...]

Is it possible to analyze the rewritten URL string and execute authentication methods if the URL path begins with "/training"?

Let me know if this needs further clarification. Any help is MUCH appreciated because I've run out of ideas.

thedust2010

10:34 pm on Sep 23, 2008 (gmt 0)

I figured this out and the answer was really simple... I just created an empty folder called "training" and placed a separate .htaccess file there. Even though /training is only part of a re-written URL, Apache still looks through the physical server path and parses any .htaccess files it finds. Cool.

jdMorgan

12:59 am on Sep 24, 2008 (gmt 0)

Thanks for posting the answer! This works because mod_auth executes before mod_rewrite, so the server doesn't 'know' the URL is to be rewritten yet.

Jim

g1smd

9:53 am on Sep 24, 2008 (gmt 0)

...and that also answers a question that was formulating in my head right at this very moment.

Thanks again.