Use basic auth for different URIs in a .htaccess file

Question

My problem is the following. I have several URIs that I need to put behind a basic authentication, preferably using the .htaccess file. I have done this using the Location directive in the httpd.conf file, but this is far from ideal.

So my ideal world would be this:

URI1 => user1, pwd1

URI2 -> user2, pwd2

URI3 -> no auth

URI4 -> user3, pwd3

I've seen some solutions using an env variable, but it seems to me that those can only be of binary use, either you get authenticated by a general htpasswd file, or you don't. My solution would have to have different users per different URI.

If my problem isn't thoroughly explained let me know.

Answer 1

Instead of using the <Location> container, you can use the <Files> container instead to match a specific file that is inside the directory that the request is for . It'll work the same way.

For example, if you have a directory "foo" and "bar", and inside those directories, you have files "type1.php" and "type2.php", then you'd have an htaccess file in "foo" that looks like:

<Files "type1.php">
# htpasswd stuff
Require user user1
</Files>

<Files "type2.php">
# htpasswd stuff
Require user user2
</Files>

then in the "bar" directory:

<Files "type1.php">
# htpasswd stuff
Require user user3
</Files>

<Files "type2.php">
# htpasswd stuff
Require user user4
</Files>

Answer 2

You just need to put a .htaccess file where each different URI is so...

AuthUserFile /path/to/file/.htpasswd
AuthName "Password Protected"
AuthType Basic
Require valid-user

Then inside the .htpasswd file you have:

user:password

Obviously you would want to encrypt the password

I think this is what you are asking for?