.htaccess requires password in chrome but not other browsers

.htaccessapache-2.2authenticationkerberos

We have .htaccess on our site http://subdomain.site.com/: 

AuthType Kerberos
AuthName "Internet ID"

require valid-user

order deny,allow
deny from all
allow from all

On a sub directory of the site, http://subdomain.site.com/subdirectory/ we have an .htaccess: 

AuthType none
Satisfy any

The reason is that on this subdirectory/ we have a different authentication mechanism and do not want to use kerberos as authentication. The problem though is that in chrome the .htaccess authentication still pops up but firefox, opera, IE do not prompt for this authentication before loading the page.

I am having trouble understanding how a server side configuration could be presented to the end user differently depending on the browser? Is there something in my subdirectry .htaccess that I am missing ?

Best Answer

I just reproduced this. Chrome is requesting /favicon.ico and gets a HTTP/1.1 401 Authorization Required. Other browsers ignore it. Chrome presents a auth dialog box. Try adding this to your .htaccess on your site http://subdomain.site.com/

<Files "favicon.ico">
    AuthType none
    Satisfy any
</Files>

Here is the bug... http://code.google.com/p/chromium/issues/detail?id=12876 ...pretty bad.

Related Topic