allow one ip to access with basic authentication

Question

I have set up a basic username and password authentication for regular users

i want only one ip access with a one username and password

for example user one connect with test and test if user one still connect to server with basic authentication , and user 2 request to access to server with same username and password , user 2 can't access to server until user 1 disconnect from server.

Answer 1

This is impossible with HTTP basic authentication because HTTP does not have active connections that last longer than the time all data for a single page or image is transfered. If all data is transfered, the connection is terminated. Should this be the right time to let the second user in? If so, limit your apache to accept only one connection at a time (i.e. allow only one child process), and you are done.

If you want this more like I think you want it, you have to implement it yourself inside your application with sessions, and have to deal with the fact that users do no usually log themself out of the application, but simply close the browser. So after a certain time has passed, the first user must be considered inactive and his session terminated to let the second user in.

And by the way: Remember that HTTP basic authentication has no way to "logout" implemented! All solutions that simulate this really only send another authentication challenge to the browser, which makes it forget about the login and asking the user for credentials again. This cannot be implemented with .htaccess.