Not sure really. I'm trying to make sure that this is the case in pseudocode.
Deny from everyone unless: 1. From intranet without a password -or- 2. Anywhere else with a password and valid-user using ApacheDBI Regards, KAM > <Location /foo> > Satisfy Any > Allow from 192.168.2.10 > PerlAuthenHandler Apache::AuthDBI