Multiple sign-in required with htaccess password protected directories

By ptepper on Mar 12, 2010 at 3:10 PM 11 Vote 0 Votes

Hi,

I have my MT blog in a htaccess password protected directory within a larger site. I get a password prompt when I get to the blog, then I get another password prompt when I go to an entry page. The entry is in a year/month subdirectory

Any idea how to get rid of these subsequent password prompts?

URL looks like this
https://.../blog/2010/03/my-entry.html

Running Movable Type Pro version 4.32-en

-paul

Reported on Movable Type 4.3

11 Replies

| Add a Reply

Mihai Bocsaru | March 13, 2010 10:15 AM | Reply

You may like to point both the blog and your year/month subdirectory to the same password file and use a common password for both.
lornaoha | March 13, 2010 11:45 PM | Reply

Thank you for sharing
Mihai Bocsaru | March 14, 2010 12:29 PM | Reply

It's a pleasure!
ptepper | March 15, 2010 9:08 AM | Reply

Thanks, but this does not solve the problem. I'm not using a password file, I'm using LDAP, but that's not really relevant. I'll try to clarify.

I have a private area, mysite.com/private, with lots of stuff in there. Amongst the other stuff is the blog, mysite.com/private/blog. Then there are entries under there, mysite.com/private/blog/2010/03/my-entry.html

The .htaccess file is in the top level of the private area, mysite.com/private. There are no other .htaccess files in the subdirectories. However, when you go to mysite.com/private/blog you have to login with your password. Once you've logged in, you are prompted again if you click to read an entry (mysite.com/private/blog/2010/03/my-entry.html).

I don't know why there's this additional prompt after you've already given your username & password and I'd like to get rid of it.

-paul
ptepper | March 18, 2010 11:11 AM | Reply

I think I figured this out. I had some static http://mydomain.com links and references in my templates that had to be switched to https, and I also had to switch the Site URL to https in the Publishing Settings. Seems to have solved the problem.

-paul
Mihai Bocsaru | March 18, 2010 1:23 PM | Reply

It solved it in the sense that now everything is based on https
ptepper | March 18, 2010 1:28 PM | Reply

Yes, that is what caused my problem, so that is the solution.
ochris.oc | March 29, 2010 12:19 PM | Reply

where exactly did you move the content to, in httpd.conf?
ptepper | March 29, 2010 1:12 PM | Reply

I didn't move the content, it was an issue with the templates. The templates I used had hard references to http: URLs, I had to change them to https or relative.
ochris.oc | March 29, 2010 8:50 PM | Reply

I am getting prompts for id/password for each image file displayed on the page. My .htaccess looks like this..

AuthName "Enter id and password"
AuthType Basic
AuthUserFile /www/test/src/.htpasswd
AuthGroupFile /www/tst/src/.htgroup
require group admins

If I add this it won't even ask once for id/password:

Order Deny,Allow
Allow From All
Satisfy Any

Any help would be greatly appreciated
Deneme | September 23, 2010 11:31 PM | Reply

Thanks admin