Is there anyway to protect the root directory of a domain, but not its sub directories?

Example:

protect http://www.test.com

but not:

http://www.test.com/testing

I want to do this through the .htaccess file if possible, however the folllowing does not work:

<Directory /path/to/testing>
AuthUserFile /path/to/passwords
AuthGroupFile /dev/null
AuthName "Testing Stuff"
AuthType Basic
<Limit GET POST>
require user test
</Limit>
</Directory>

I seem to remember reading how this can be done, but can't remember. Any help would be appreciated.

Thanks

Put a .htaccess inside testing directory containing:


order allow,deny
allow from all

Sorry, my example above probably doesn't work :).

Try moving the testing directory outside the document root, and use Alias to map the testing directory.

Alias /testing/ /path/to/testing/

I would like to keep everything within the DocumentRoot. This is a client's account, and he is wanting the above done. I'm almost sure that I've seen it done before, but I can't remember it. Maybe I dreamt it. I don't know

I'm not sure if this is ever possible in Apache. I think that apache will not even look into the testing directory if you don't have access to one of its parents.