Passsword protected folder

I have read and studied and googled and still don't quite get the
concept. If someone could give me a nudge in the right direction it
would be muckly appreciated.

I have a small server at work with SuSe 9.2 and Apache 2.x that we use
to hold small tibits or support information. The html docs path is
/srv/www/htdocs which is the standard path set in SuSe. I have one
folder under htdocs that I want to protect from the general users and
just allows the support folks use it. It is called admin. I have managed
to protect it in httpd.conf, using a user/password file. When I do this
however, it requires a username and password for all folders. Can anyone
give me a quick and dirty way of setting this up in the httpd.conf so
that only the admin folder is protected and anything else in htdocs is
free to be used by anyone else no username or password required?

Thanks in Advance
Jim

Jim Jones wrote:
> I have read and studied and googled and still don't quite get the
> concept. If someone could give me a nudge in the right direction it
> would be muckly appreciated.
>
> I have a small server at work with SuSe 9.2 and Apache 2.x that we use
> to hold small tibits or support information. The html docs path is
> /srv/www/htdocs which is the standard path set in SuSe. I have one
> folder under htdocs that I want to protect from the general users and
> just allows the support folks use it. It is called admin. I have managed
> to protect it in httpd.conf, using a user/password file. When I do this
> however, it requires a username and password for all folders. Can anyone
> give me a quick and dirty way of setting this up in the httpd.conf so
> that only the admin folder is protected and anything else in htdocs is
> free to be used by anyone else no username or password required?
>
> Thanks in Advance
> Jim

I'm relatively new at using Apache (so forgive me if I'm wrong!), but I
managed to get this working on my site. You'll want to create a
<Directory> structure set up something like this:

<Directory "/srv/htdocs/admin">
AuthType Basic
AuthName "Only Support Folks Allowed!"
AuthUserFile "/path/to/auth/file"
Require valid-user
</Directory>

That should make only the admin folder password-protected. Hope that helps!

~Chad

caepo3 wrote:
> Jim Jones wrote:
>> I have read and studied and googled and still don't quite get the
>> concept. If someone could give me a nudge in the right direction it
>> would be muckly appreciated.
>>
>> I have a small server at work with SuSe 9.2 and Apache 2.x that we use
>> to hold small tibits or support information. The html docs path is
>> /srv/www/htdocs which is the standard path set in SuSe. I have one
>> folder under htdocs that I want to protect from the general users and
>> just allows the support folks use it. It is called admin. I have
>> managed to protect it in httpd.conf, using a user/password file. When
>> I do this however, it requires a username and password for all
>> folders. Can anyone give me a quick and dirty way of setting this up
>> in the httpd.conf so that only the admin folder is protected and
>> anything else in htdocs is free to be used by anyone else no username
>> or password required?
>>
>> Thanks in Advance
>> Jim
>
> I'm relatively new at using Apache (so forgive me if I'm wrong!), but I
> managed to get this working on my site. You'll want to create a
> <Directory> structure set up something like this:
>
> <Directory "/srv/htdocs/admin">
> AuthType Basic
> AuthName "Only Support Folks Allowed!"
> AuthUserFile "/path/to/auth/file"
> Require valid-user
> </Directory>
>
> That should make only the admin folder password-protected. Hope that
> helps!
>
> ~Chad
Ok that part works, had it working in hte first place. I guess I mis
stated my query. Now that I have that one folder password protected, how
do I define the rest of the folders under the htdocs to be free for
anyone to use. When I invoke the method rules for the Admin folder it
either blocks access to the rest of the folders all together or the
users have to have a user name and password.

>> I'm relatively new at using Apache (so forgive me if I'm wrong!), but
>> I managed to get this working on my site. You'll want to create a
>> <Directory> structure set up something like this:
>>
>> <Directory "/srv/htdocs/admin">
>> AuthType Basic
>> AuthName "Only Support Folks Allowed!"
>> AuthUserFile "/path/to/auth/file"
>> Require valid-user
>> </Directory>
>>
>> That should make only the admin folder password-protected. Hope that
>> helps!
>>
>> ~Chad
>
> Ok that part works, had it working in hte first place. I guess I mis
> stated my query. Now that I have that one folder password protected, how
> do I define the rest of the folders under the htdocs to be free for
> anyone to use. When I invoke the method rules for the Admin folder it
> either blocks access to the rest of the folders all together or the
> users have to have a user name and password.

Chad's solution should do what you want. In your httpd.conf, you should
already have something like this:

<Directory "/srv/htdocs">
Order allow,deny
Allow from all
(... other directives ...)
</Directory>

so by adding

<Directory "/srv/htdocs/admin">
AuthType Basic
AuthName "Only Support Folks Allowed!"
AuthUserFile "/path/to/auth/file"
Require valid-user
</Directory>

you protect only /srv/htdocs/admin while leaving the rest of /srv/htdocs
unprotected for general viewing.

(make sure you're not nesting the <Directory "/srv/htdocs/admin">
section within the <Directory "/srv/htdocs"> section. Keep them
separate in your httpd.conf)