I have created a query based authentication on my apache server, but I've got a strange behavior from apache, and can't find my way out of this. Here is the .htaccess code:
RewriteEngine on
RewriteCond %{QUERY_STRING} p=1
RewriteRule ^(.*)$ $1?map=$1 [E=authme:1]
Order deny,allow
Deny from env=authme
AuthType Basic
AuthName "Login Required"
AuthUserFile /var/www/test/.htpasswd
require valid-user
Satisfy any
I expect apache to look at query string for p=1. If found an environmental variable is set (authme=1). This works fine!
I expect then that authentication is required (Deny from env=authme) if p=1 is present in query string.
All this stuffs works wonderfully if a call from the browser the main the index file (in my case index.php), but does not work at all if a call an other file in the same directory.
Environmental variable is correctly set (I can check it with PHP), but no authentication is required.
I really can not understand why. Any help will be appreciated!
More info can be found here
should be