Lighttpd

Hi :)

Question: How do I require authentication for an entire site with one realm ("realm" => "User") while requiring a different realm ("realm" => "Admin") for certain files ("/sys/api/reboot" and "/sys/api/factoryreset") a subfolder in that site? :)

I'd like to prompt for user/pass as soon as the user accesses the site. Something like this:

auth.require = (
"" => (
"method" => "digest",
"realm" => "User",
"require" => "valid-user" )
)

There are however certain things that require more than just User (realm). For instance access to "/sys/api/reboot" and "/sys/api/factoryreset". Something like:

auth.require = (
"/sys/api/reboot" => (
"method" => "digest",
"realm" => "Admin",
"require" => "valid-user" ),
"/sys/api/factoryreset" => (
"method" => "digest",
"realm" => "Admin",
"require" => "valid-user" ),
)

I've already got an "Admin" and "User" in a htdigest.user file. Both work as long as I don't include the first auth.require (the one that requires User for the entire site).

If I include that then "User" is all that is required for the entire site including "/sys/api/reboot" and "/sys/api/factoryreset". I can see why that would make sense but how do I get around that? :)

I've tried doing something like this but with no luck (just to use /sys/api/reboot as an example)

$HTTP["url"] !~ "^/sys/api/reboot" {
auth.require = (
"" => (
"method" => "digest",
"realm" => "User",
"require" => "valid-user" )
)
}

Linux + lighttpd/1.4.45