Thanks Owen, >> I guess you're using apache 2? Actually, its 1.3... >> This sounds a lot like what happens when you have files in the directory which are subject to a Deny directive I am using a Require rather than Deny... but its the same issue.... >> - you can see them but can't access them in apache 1.3 but you can't see them at all in apache 2. Hmm, I am running 1.3... >> you can see them but can't access them You describe it well - thats exactly the behaviour I want. I want people to be able to see the protected files/dirs, but get prompted for a password in order access them... (subject to authorisation...) >> there is a discussion at: http://marc.theaimsgroup.com/?l=apache-httpd-users&m=107632025906691&w=2 If I understood that thread correctly, its more about the actual filesystem permissions (chmod), rather than Require/Deny directives in Apache.... -Nick >> Nice try, but mod_autoindex works by try to access the file using the configured ruleset so it'll still hit the block... Yup... Extranet Owen.Boyle@xxxxxxx - 20/04/2005 16:20 Please respond to users@xxxxxxxxxxxxxxxx To: users cc: Subject: RE: [users@httpd] Options Indexes: how to force listing of directories with access control settings? > -----Original Message----- > From: Craig Dunigan [mailto:cdunigan@xxxxxxxxxxxxx] > Sent: Mittwoch, 20. April 2005 16:31 > To: users@xxxxxxxxxxxxxxxx > Subject: Re: [users@httpd] Options Indexes: how to force listing of > directories with access control settings? > > > On Tue, 19 Apr 2005 nick.minutello@xxxxxxxxxxxxxxxxx wrote: > > > > > I am using .htaccess to control access to a directory. > > However, this hides the directory from the index listing of > its parent dir > > (if the user isnt logged in). > > > > Is there a trick to Options, IndexOptions or AuthXXX to list all > > directories, regardless of their access control, when a > user isnt logged > > in? I guess you're using apache 2? This sounds a lot like what happens when you have files in the directory which are subject to a Deny directive - you can see them but can't access them in apache 1.3 but you can't see them at all in apache 2. You can have a big-end/little-end debate about which is better, but there is a discussion at: http://marc.theaimsgroup.com/?l=apache-httpd-users&m=107632025906691&w=2 Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > > > > Bit of a guess, here, but why not try putting all of the Auth stuff in > .htaccess inside a Files block, with a match of '*'? Nice try, but mod_autoindex works by try to access the file using the configured ruleset so it'll still hit the block... > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx This message and any attachments (the "message") is intended solely for the addressees and is confidential. If you receive this message in error, please delete it and immediately notify the sender. Any use not in accord with its purpose, any dissemination or disclosure, either whole or partial, is prohibited except formal approval. The internet can not guarantee the integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will) not therefore be liable for the message if modified. ********************************************************************************************** BNP Paribas Private Bank London Branch is authorised by CECEI & AMF and is regulated by the Financial Services Authority for the conduct of its investment business in the United Kingdom. BNP Paribas Securities Services London Branch is authorised by CECEI & AMF and is regulated by the Financial Services Authority for the conduct of its investment business in the United Kingdom. BNP Paribas Fund Services UK Limited is authorised and regulated by the Financial Services Authority. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx