I am running apache2 and php5 in my Windows PC.
I have protected my directory using .htaccess
and.htpasswd
. If login information is not set, or if the username-password combination is not correct, the browser will prompt for a username and password box by default, if user tries to access protected dir.
But I want to redirect the user to a specific address or url. In short, I want to redirect user instead of displaying the HTTP basic authentication dialog. How can I make this possible?
I got this to work with an approach similar to AJ's. My .htaccess
file is very similar to the following:
AuthUserFile /opt/www/htaccess
AuthType Basic
DirectoryIndex public.txt
<Files "secret.txt">
require valid-user
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</Files>
<Files "public.txt">
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</Files>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:Authorization} !=""
RewriteRule ^$ secret.txt [L]
With this, the site behaves as follows:
1) Access the base URL -> see content from public.txt. 2) Access /secret.txt -> prompted to authenticate, and shown the contents of secret.txt. 3) Access the base URL again -> see content from secret.txt.
Using [L,R]
instead of [L]
will use a 302 response to handle the redirection. This is a good option if you want the redirection to be visible in the browser's location field.
<aside>Yes, I realize that this is a very late answer. The question was high in the Google search results, though, so I wanted to detail my approach in case I find myself doing the same search in the future. If anyone else benefits, it's even better.</aside>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With