Home/ Questions/Q 6124959
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T16:11:35+00:00

I need to find a way to force Apache to ask users for credentials

  • 0

I need to find a way to force Apache to ask users for credentials for each ressource they ask for under the root of my website.

This is my .htaccess content at the moment:

<Directory /var/www/vhosts/abcd>
  Dav On
  AuthType Basic
  AuthName "private"
  AuthBasicProvider external
  AuthExternal auth
  require valid-user
</Directory>

(This will call a Php script defined by auth.)

I want the user to authenticate again for each different ressource he might want to get, but keep the authentication alive when he successfully authenticate for a specific ressource.

Maybe I miss something about how I’m supposed to do this in an “Apache logic”, anyway, any help will be apreciated !

Thanks.

Edit:

I misunderstood the way Apache authentication worked. I supposed that when someone was authenticated, he didn’t need to authenticate again for any ressource under the same directory, but that’s not true. If my PHP script use the current URI of the file requested, I can return a different status code depending one the right for someone to access it or not, even if he was granted access to the root for example.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You’re using basic authentication. So the browser is practically “authenticating again” for every request it makes: it remembers the authentication user/pass you entered end sends it with every request afterwards.

    Can you please explain why you would want users to authenticate again and again? It might help us find a solution to your problem…

    • 0