Are the realms the same for both login prompts? Can you remove the .htaccess from /www ? I'm not sure but I thing the blank htaccess file in /www will still try to 'find out' who you are even if there is no 'required' parameter set. Thanx Aaron N Wagner Monitoring Systems and Network Tools CCO-Command Center Operations 804.515.6298 > -----Original Message----- > From: kloomis [mailto:kloomis@xxxxxxxxxxxxxxxx] > Sent: Monday, December 05, 2005 11:59 AM > To: users@xxxxxxxxxxxxxxxx > Subject: [users@httpd] Odd .htaccess problem > > Hello: > > I have an odd problem with htaccess. It takes two passes at > the logon to > gain access to the directory - same user name and password for each. > > The directory structure is this: www/graphs > > There is an .htaccess file in www/graphs with the following entries: > > AuthName Graphs > AuthType Basic > AuthUserFile www/graphs/.htpasswd > Required valid-user > > The .htpasswd file consists of a user name and an encrypted password. > > There _is_ an .htaccess file in www. But it has no Required > or AuthUserFile > entries. > > If I remove the .htaccess file in www/graphs, I get access > without any > authorization required. > > Ken > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx