.htaccess tutorial

Password Protection not working right

Postby produke » 02 Oct 2006 02:11

I have several sub-directories, each with its own .htaccess file, and each .htaccess file pointing to a different .htpasswd file. For instance, let's say I have the following directory structure:

mainDirectory/subDirectoryA
mainDirectory/subDirectoryB
mainDirectory/subDirectoryC

The usernames and passwords stored in the .htpasswd file are different for each subDirectory. However, I'm able to log in to subDirectoryC using a valid username and password for that subDirectory, then I'm able to go to subDirectoryA without logging in, even though that username and password are not valid for subDirectoryA. What's going on there? That seems to defy all logic...

If it makes any difference, each .htaccess file is of this form:

AuthUserFile /www/m/mysite/pwds/subDirectoryA.htpasswd
AuthName "Please Login"
AuthType Basic
require valid-user

Thanks

Postby produke » 02 Oct 2006 02:13

Yes, I see where you are confused. Believe me, I've been there.

AuthName defines the "realm". If each subdirectory has the same realm, your browser will already think it has passed the correct authentication for subdirectoryB, because it already passed the realm "Please Login" for subdirectoryA.

attached RFC Link wrote:

The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge. The realm value (case-sensitive), in combination with the canonical root URL of the server being accessed, defines the protection space. These realms allow the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database. The realm value is a string, generally assigned by the origin server, which may have additional semantics specific to the authentication scheme. Note that there may be multiple challenges with the same auth-scheme but different realms.

The solution is to create 3 separate realms:
realm 1: "Please Login to A"
realm 2: "Please Login to B"
realm 3: "Please Login to C"

AuthUserFile /www/m/mysite/pwds/subDirectoryA.htpasswd
AuthName "Please Login to A"
AuthType Basic
require valid-user

AuthUserFile /www/m/mysite/pwds/subDirectoryB.htpasswd
AuthName "Please Login to B"
AuthType Basic
require valid-user

AuthUserFile /www/m/mysite/pwds/subDirectoryC.htpasswd
AuthName "Please Login to C"
AuthType Basic
require valid-user


You might also consider using htaccess groups instead of separate files.

If you want to learn all about this type of authentication, check this out:
http://www.ietf.org/rfc/rfc2617.txt
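Added example, not from the thread: a small Python checker that parses a set of per-directory .htaccess bodies (constructed inline here, mirroring the layout above) and reports any AuthName realm that is backed by more than one AuthUserFile, which is the shared-realm configuration the reply describes. The directive regex and the htaccess() helper are my own assumptions, not Apache code.

```python
import re
from collections import defaultdict

# Constructed sample of the thread's layout: three per-directory .htaccess
# bodies, first all announcing the same realm, then with one realm per directory.
def htaccess(realm, user_file):
    return (f"AuthUserFile {user_file}\nAuthName \"{realm}\"\n"
            "AuthType Basic\nrequire valid-user\n")

PWDS = "/www/m/mysite/pwds"                       # path taken from the thread
SHARED_REALM = {f"mainDirectory/subDirectory{d}/.htaccess":
                htaccess("Please Login", f"{PWDS}/subDirectory{d}.htpasswd")
                for d in "ABC"}
SEPARATE_REALMS = {f"mainDirectory/subDirectory{d}/.htaccess":
                   htaccess(f"Please Login to {d}", f"{PWDS}/subDirectory{d}.htpasswd")
                   for d in "ABC"}

# Directive names are case-insensitive in Apache; the realm value is not (RFC 2617).
DIRECTIVE_RE = re.compile(r"^\s*(AuthUserFile|AuthName|AuthType|Require)\s+(.+?)\s*$",
                          re.IGNORECASE | re.MULTILINE)

def parse_htaccess(body):
    """Collect the authentication directives of one .htaccess body into a dict
    keyed by lower-cased directive name, with surrounding quotes stripped."""
    conf = {}
    for match in DIRECTIVE_RE.finditer(body):
        name, value = match.group(1).lower(), match.group(2)
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]                    # AuthName "Please Login"
        conf[name] = value
    return conf

def find_shared_realms(files):
    """Return {realm: {directory: AuthUserFile}} for every realm that is backed
    by more than one distinct user file. To the browser those directories form a
    single protection space, so credentials accepted in one of them are offered
    to the others without a fresh login prompt."""
    by_realm = defaultdict(dict)
    for path, body in files.items():
        conf = parse_htaccess(body)
        if "authname" in conf and "authuserfile" in conf:
            by_realm[conf["authname"]][path] = conf["authuserfile"]
    return {realm: dirs for realm, dirs in by_realm.items()
            if len(set(dirs.values())) > 1}

if __name__ == "__main__":
    for label, files in (("shared realm", SHARED_REALM),
                         ("separate realms", SEPARATE_REALMS)):
        print(label, "->", find_shared_realms(files) or "no shared realms")
```

Run against the original layout it reports the realm "Please Login" shared by all three directories; against the corrected layout it reports nothing.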