I'm wondering if it is possible to have multiple logins for one password protected directory, but depending on the username/password entered, the user is only able to view one page?

Ie.

URL: www.domain.com/secure/

Username: user1
Password: user1
Page directed to: www.domain.com/secure/user1.html


Username: user2
Password: user2
Page directed to: www.domain.com/secure/user2.html

Is this possible?

And if not, can you direct them to another directory within /secure/?

Hi, i'm not sure that you can do this with only a .htaccess but you could work your way around easily with a simple php script that will read environment variable $_SERVER["PHP_AUTH_USER"] and redirect depending on the value of the variable.

This shouldn't be too hard to do.

Maybe try this?:

<files "user1.html">
AuthUserFile /path/to/passwd/file/for/user
AuthType Basic
AuthName "Protected Document"
require valid-user
</files>

AFAIK the Auth directives only apply to directories. If I were you I would put each of these files in separate directories, and then password protect each one separately.

Maybe try this?:

<files "user1.html">
AuthUserFile /path/to/passwd/file/for/user
AuthType Basic
AuthName "Protected Document"
require valid-user
</files>


Thanks, I'll give that a shot.


AFAIK the Auth directives only apply to directories. If I were you I would put each of these files in separate directories, and then password protect each one separately.

This, unfortunately, is not an option as it is not what the client wants. If we can't do it with .htaccess, we'll have to use another form of verification.

You can also restrict access to specific users using require:
Require user me you ...

That would allow you to use the same password file for all of the users. Require works in Location, Directory, Files, and Limit containers, so you can definitely do this:
<files "me.html">
AuthUserFile /path/to/passwd/file
AuthType Basic
AuthName "Protected Document"
require user me
</files>
<files "you.html">
AuthUserFile /path/to/passwd/file
AuthType Basic
AuthName "Protected Document"
require user you
</files>
It not clear if you can do this:
AuthUserFile /path/to/passwd/file
AuthType Basic
AuthName "Protected Document"
<files "me.html">
require user me
</files>
<files "you.html">
require user you
</files>

Will this work if multiple users need access to the same file?

Also, will this work in the manner I described in my original post?

You would need to use mod_rewrite (specifically a RewriteCond with %{REMOTE_USER}) to transparently map them to specific files. You can list as many users as you need on the require line, or switch to group handling if you want to drag several directories into this.

Would you be able to describe how to use the RewriteCond in order to transparently map them to the correct file?

If you are able to use any sort of server-side programming, this becomes an easy task.

I had a similar case where a client wanted to protect mulitple files and allow specified users access on a per-file basis. We tried the .htaccess route, but ended up creating our own solution using PHP and a small admin backend to create user accounts.

This was for a content subscription service, and our main problem was that the content providers were doing mass updates via FTP (Frontpage, actually).

Let me know if this is an option for you and I will gladly help you sort it out.

Does it work in the manner that I stated in my original post? Ie. A user clicks on a directory /secure/ and enters in their username/password. Depending on their username, they are directed to a particular file and are unable to access any other files within the directory.

We did it on a directory/directory basis, but the system can easily be extended to a file basis.