It seems that SMF kills auth sessions? How can i get past that? Basically when I log into the protected I can navigate all the pages behind it perfectly, but when I click the link for the SMF board which is also in the same protected directory, it asks for the username and password again to unprotect the file. If i check cookies, there is still only one auth session there for the site, but the string is different. So it appears that the first thing the SMF script does when you request the page is kill an auth session and create a new one, why?
SMF uses its own session cookies, so that could be the problem. I'll have one of the developers look at this though as I'm not real familiar with .htpasswd and such.
Hey, did we ever find out the answer to this question? I have a member section and would like the forum behind the protected directory.
cdsouza,
As said SMF uses its own cookies to keep the session. I don't believe Apache though keeps the login behind a protected directory and is only valid for the session with it.