htaccess users with different privileges

Question

I am trying a achieve the following with htacess :

** adminuser **

/dir  <= has access to directory listing or parent dir
/dir/subdir-n  <= has access to directory listing of any sub-dir

** clientuser **

/dir  <= DOES NOT have access to directory listing or parent dir (preferably Directory Index that points to a blank index.html file)
/dir/subdir-n  <= has access to directory listing of any sub-dir

Basically we want our administrator to have be able to see all the list of sub dirs with an admin login and our individual clients to only be able to see their directory which we will communicate to them but all with the same login name.

Answer 1

This should be possible with different htpasswd files for the different subdirectories.

For the adminuser you make a login:pw pair and in /dir you require a auth user from the file that has ONLY your adminuser login:pw.

For the clientuser you make a login:pw pair for that user, and append the adminuser login:pw pair on a new line in the same .htpasswd file for THAT directory.

This way, your adminuser can look all dirs, while clientusers can only look their own dirs.

To clarify, here is the files you'd have:

/dir
/subdiruser1
/subdiruser1/.htaccess
...
/.htaccess
/.htpasswdadmin
/.htpasswduser1

In .htpasswdadmin you'd have one line:

admin:weofj2p8jöeoif2p84

In .htpasswduser1 you'd have two lines:

user1:we2pr832urp823rpup
admin:weofj2p8jöeoif2p84

Note that your htpasswd files can be any name, but preferably start with .ht as many apache configs block web access to files name like that. Furthermore, you should not, as in my example, have your .htpasswd files accessible in the webroot, but rather keep them in a folder unaccessible from the web. And one last note: Obviously you see the limitations of that, when needing to change or add a new admin password requires you to add that login:pw pair to all the subdir .htpasswd files.

If anyone has a better solution to this, I would be very curious.