Redirection & password protection

tweetysat · September 29, 2010, 7:33am

Hello.

I’ve got some problems with .htaccess

In the root folder of my site, I’ve got

RewriteEngine On
RewriteCond %{HTTP_HOST} ^toto.net
RewriteRule (.*) http://www.toto.net/$1 [R=301,L]

so that toto.net is redirected to www.toto.net. Ok, it’s working.

Now I’ve got a subfolder called ‘test’ with this .htaccess


AuthUserFile /homez.110/toto/www/test/.htpasswd
AuthGroupFile /dev/null
AuthName "Accès Restreint"
AuthType Basic
<Limit GET POST>
  require valid-user
</Limit>

so that www.toto.net/test is asking me a username and a password. It’s also working.

But … if i use toto.net/net, it asks me the user/password. Ok. Then redirect to www.toto.net/test. Ok. But then ask me a second time the user/password. It seems to be logic but is not what i want. How to avoid the system asking me the second identification ?

Thanks.

tweetysat · September 30, 2010, 1:24pm

Ok, thanks. :tup:

I will use it with a link (and www. )

dklynn · September 29, 2010, 8:40pm

tweety,

With what you’ve shown in your first post, that is not possible. Your second post does not show anything that would indicate that there is password protection on the net subdirectory. Was that a typo? Should it have been toto.net/test? If it was, then I’d say that the Apache core is asking for the password before mod_rewrite gets to redirect - and there’s nothing you can do about Apache’s ordering of its internal processes (except to use the correct link, of course).

Regards,

DK

dklynn · September 30, 2010, 7:31am

tweety,

No problem! You sure had me fooled, though!

Okay, for your problem:

How is your toto.net/test directory linked? Do you provide a link in your website or is it a matter that someone has to type the link in their browser?

IMHO, it’s a poor technique to force typing so you should be providing a link - even if you hide the link by only displaying it to a specific login which can be maintained by $_SESSION data. Therefore, if you’re providing a link, provide the www’d link, not the no-www link. Hey, an internal link will do that for you, anyway, as you’re forcing www on the entire website! Then, you won’t have to worry about a non-www link and the problem evaporates into thin air … like magic!

Regards,

DK

tweetysat · September 30, 2010, 7:14am

Ok, I’ve understood. You’re right.
I wrote toto.net/net in place of toto.net/test !!

So for you there is no solution ? What do you mean with “except to use the correct link, of course” ?

Thanks.

tweetysat · September 29, 2010, 8:13am

Hi,

I don’t understand what you think is missing.
In the root, just 4 lines but I don’t think there is a link with the problem


RewriteEngine On
RewriteCond %{HTTP_HOST} ^toto.net
RewriteRule (.*) http://www.toto.net/$1 [R=301,L]

SetEnv PHP_VER 5
SetEnv REGISTER_GLOBALS 0
Options -Indexes
DirectoryIndex index.html index.php

dklynn · September 29, 2010, 7:58am

tweetysat:

Hello.

I’ve got some problems with .htaccess

In the root folder of my site, I’ve got
RewriteEngine On
RewriteCond %{HTTP_HOST} ^toto.net
RewriteRule (.*) http://www.toto.net/$1 [R=301,L]
so that toto.net is redirected to www.toto.net. Ok, it’s working.

Now I’ve got a subfolder called ‘test’ with this .htaccess
AuthUserFile /homez.110/toto/www/test/.htpasswd
AuthGroupFile /dev/null
AuthName "Accès Restreint"
AuthType Basic
<Limit GET POST>
  require valid-user
</Limit>
so that www.toto.net/test is asking me a username and a password. It’s also working.

But … if i use toto.net/net, it asks me the user/password. Ok.[indent]WAIT! THAT’s NOT OKAY with what you’ve shown! Obviously, the problem is that you’re not showing everything.[/indent]Then redirect to www.toto.net/test. Ok. But then ask me a second time the user/password. It seems to be logic but is not what i want. How to avoid the system asking me the second identification ?

Thanks.

Please show ALL your .htaccess in the DocumentRoot, net directory and test directory as there is something missing in what you’ve shown.

Regards,

DK