.htaccess and Custom ErrorDocuments

Junior WebHelper Joined: 18 Dec 2006 Posts: 1

Hi,

I am trying to get some password protection into some of my pages.

I created the .htaccess file and I am using the mysql mod to control access by using a MySQL table.

That portion is working....

Now I tried to implement a custom error document so that if the person doesn't have a user/pwd setup, they will fail to authenticate and then get rerouted to my custom page...

The code is in place, however now instead of first asking for the userid/pwd, it goes right to the custom error page.. I can test this by commenting out that custom "ErrorDocument" line to test...

Here's my .htaccess file...

<Files>
order allow,deny
deny from all
</Files>

SetEnvIfNoCase User-Agent "^EmailSiphon" bad_bot
SetEnvIfNoCase User-Agent "^EmailWolf" bad_bot
SetEnvIfNoCase User-Agent "^ExtractorPro" bad_bot
SetEnvIfNoCase User-Agent "^CherryPicker" bad_bot
SetEnvIfNoCase User-Agent "^NICErsPRO" bad_bot
SetEnvIfNoCase User-Agent "^Teleport" bad_bot
SetEnvIfNoCase User-Agent "^EmailCollector" bad_bot

AuthName "By Invitation Only"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLEnable On
AuthMySQLHost localhost
AuthMySQLDB <dbname>
AuthMySQLUserTable <tablename>
AuthMySQLUser <username>
AuthMySQLPassword <userpwd>
AuthMySQLPwEncryption none
AuthMySQLSaltField none
AuthMySQLNoPasswd Off
AuthMySQLAuthoritative On

<Limit>
require valid-user
Order Deny,Allow
Allow from all
Deny from env=bad_bot
</Limit>

ErrorDocument 403 /errorpages/Error401403.cfm
ErrorDocument 401 /errorpages/Error401403.cfm

If I comment out the 401 ErrorDocument, it prompts for the userid/pwd and if it is wrong, it will redirect to the apache Authorization Required page that is default with Apache... If I uncomment out the 401 above, it goes immediately to the 401 redirect page without prompting first for the user/pwd combo....

What am I doing wrong???

Thanks,
RickNTpa