Yeah, I'm not great at explaining stuff sometimes - but your spot on. Regards
> Michael Hekeler <mich...@hekeler.com> writes: > >> Whats wrong with the manpage? >> >> [no] authenticate [realm] with htpasswd >> Authenticate a remote user for realm by checking the >> credentials against the user authentication file htpasswd. >> The file name is relative to the chroot and must be >> readable by the www user. Use the no authenticate directive >> to disable authentication in a location. >> Authenticate a remote user for realm by checking the >> credentials against the user authentication file htpasswd. >> The file name is relative to the chroot and must be readable >> by the www user. Use the no authenticate directive to disable >> authentication in a location. >> >> >> >>> I read it totally differently, that the htpasswd is a location to a >>> file and not just a declaration to look for a file in the current dir >>> named htpasswd etc. >> >> The htpasswd IS a file: >> location "/*" { authenticate with "/htpasswd" } >> >> In this example the passwordfile is named "htpasswd" and is in /var/www >> (Note that httpd(8) is chrooted by default) > > I think he meant possible confusion over whether "htpasswd" is the > literal/only name of the file, or a stand-in name for "any file name I > choose" e.g. if my password file was named "foo" then the directive > would be > > authenticate [realm] with foo. > > I could see it being interpreted that way, anyway. > > Allan