Let's see if I can help get this sorted out. Having carefully read your post, one thing that comes to mind is that thing *might* actually be working for you as expected, but you are not able to see it because of the way Apache basic authentication works with your browser.
Once a user has successfully passed an authentication dialog, apache will *not ask again* while that browser is open unless/until the .htaccess file is changed. This can easily lead you to believe, when you are setting things up, that the authentication routine is not working when it actually *is*; only by closing your browser and trying *again* to connect to a protected area can you be *sure* that it is, or is not working.
The use of wysiwyg software might be complicating your issue slightly in some subtle way, though it really should not have anything to do with the authentication stuff. I am, however, confused as to what you mean by "the only appropriate options for links seem to be "file" or "audio file" - a link is just a link, adn I'm not sure how/what/why the software makes any distinction as to what the link is to.
In reply to:
In my site I have a members page. I am setting up links for individual clients... and for example I want the owner of Widgits Inc to link to a directory that will allow him to download the audio files in "his" directory from esprit to his local machine. I don't want him to see anyone else's directory and I don't want anyone else to be able to see his.
If I understand this correctly, that "members' page" is *not* protected, but only lists links to each member's "private directory", and *those directories* are what are to be protected via .htaccess. Is that correct?
In reply to:
The protected directories have to be under the "your domain.tld" directory... right?
Yes, they must be "somehwere" beneath your "web base directory" to be accessible from the web, but they do not have to be *immediately* beneath your "top" directory.
In reply to:
If I understand correctly, when the Widgits guy clicks on his member link, .htaccess is supposed to make a password dialog box pop-up right? I though I had it set-up correctly but when I tested the link, it went straight to playing the audio file without asking for a password.
This is a bit confusing to me, as I initially had though you were just providing links to the members *directory* as opposed to an individual file, but either way, if the file is placed in a directory that is protected by .htaccess, then the authentication dialog should be presented the *first time* a user click a link the links to the file.
In reply to:
In trying to set all this up... I've apparently either not set up the directory tree correctly... left something out of the .htaccess file (by the way I used one of those automatic generator utilities to create the code)... or didn't do the link properly... or maybe all of the above. Should I as you suggested earlier, use DreamHost panel to generate .htaccess and then move things around?
It could be any, or a combination of, those things that are causing your unexpected behavior - it's really hard for me to guess from your description what may be happening. Also, what "automatic generator utility" are you using to "create the code"?
You could certainly consider just using the DreamHost provided Control Panel tool fro password protecting directories to get you started easily (that what it is for) and then move thing around if you desire, or leave them as DH sets them up.
In reply to:
In creating the directory where the Widgit Inc. audio files will be located... do I create that directory on the FTP server... or create it on my local machine and then upload it?
It should make absolutely no difference at all - as long as the directory ends up on your server the end result should be the same.
In reply to:
Or do I have to create an additional web site page to link to? I doesn't seem that would be the way to go because the audio files would not all end up in the one directory... they would just be separate files under the main web site directory.
I'm confused by this question; whether or not you create a separate page or not is not relevant, only the *location* of the page/file/etc. to be protected - they must be in a protected directory for the authentication to take place, whether a file, or a page, it matters not.
In reply to:
I had better stop now before you run out of patience!!
Ha ha , well, I still have some patience left, and I'd like to help you, but I admit I'm confused about the details of what you are describing in a few places, and "the devil is in the details." You might consider posting a url to your site (using dummy data files) so we can see what you have structured rather than just relying upon your descriptions - sometime stuff is lost in the translation. Alternately, you are welome to PM me with a url if you would like for me to look at it but do not wish to publish your url in public.
What "wysiwyg" software are you using? Some such software (most notably iWeb) tends to "mess with" a sites directory structure as it "builds a web", and this could be having an impact on your efforts.
In a nutshell, what it seems you are trying to do is to have a structure that looks something like this:
http://yourdomain.tld
___________________________|__________________
| |
http://yourdomain.tld/member1 http://yourdomain.tld/member2
| |
http://yourdomain.tld/member1/file1 http://yourdomain.tld/member1/file2
and you want the member1 and member 2 directories to be password protected.
To do this, you put the .htaccess file with the authentication directives in *those* directories. Then, if you wish, you can either put a page in each of them (index,.html) to link to each of the files, or just let the files display in a directory listing for the user to "click" - either way, those files will not be visible to anyone who does not pass the password dialog.
Does any of this help at all?
--rlparker
