tags:

views:

14

answers:

1
Q: 

HTTP Basic Auth Exclude Single File

Part of my .htaccess file looks like this-

AuthUserFile /path/to/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user

Doing that requires the Basic HTTP authentication for the entire directory and the directories below it as well. However, I have a single file within that root directory, thubservice.php, that should not require the HTTP authentication.

From what I have seen, I need to use <FilesMatch />, but I cannot figure out the pattern to match all but that given file.

+2  A:  
AuthUserFile /path/to/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user
<Files "thubservice.php">
    Satisfy Any
    Allow from all
</Files>
 2010-10-05 16:10:53
+1 what I was typing. You *could* do it with a negative lookahead like `<FilesMatch "^(?!thubservice\.php)">`, but it'd probably be less efficient. Let's not drag regexen into it until we need to.
bobince  2010-10-05 16:12:14

related questions

How do I write Firefox add-on that automatically enters proxy passwords?
Login Integration in PHP
Strange Rails Authentication Issue
Concurrent logins in a web farm
Is there a browser equivalent to IE's ClearAuthenticationCache?
How can I authenticate using client credentials in WCF just once?
Why can't I connect to my CAS server with Perl's AuthCAS?
Best Solution For Authentication in Ruby on Rails
Authenticate on an ASP.Net Forms Authorization website from a console app
How do I use NTLM authentication with Active Directory
What have you used Windows CardSpace for, if anything
Forms Authentication across Applications
Retreiving the PC Name of a Client? (Windows Auth)
How would you implement FORM based authentication without a backing database?
What's the best way to authenticate over WCF?
Only accepting certain ajax requests from authenticated users
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
What to use for login ID?
ASP.NET authentication: user name Vs User ID
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Checklist for IIS 6/ASP.NET Windows Authentication?
The Definitive Guide To Website Authentication