I have a directive that i use to add password protection to the following director in apache:
in the directive i am only defining /context/
But i want to exclude the password protection when a user accesses a page in the following context that is contained in the secured context:
the reason for this requirement is that all traffic to http://servername/context/sercure
is then redirected via https and this is seen as a second session to apache and therefore asks for the user to authenticate again.