I have a number of small websites hosted on a conventional UNIX server
which supports htaccess and htpasswd. I have a conventional automatic
system which alters the htpasswd files for each site's directory when
someone joins as a member or has their membership expire. I have
things set up so that members of site A have access to the files for
site A, and the members of site B have access to the files of site B.

So far, so easy.

I want to arrange things so that by virtue of joining site A, those A
members ALSO get access to site B. But not the reverse: members of
site B canNOT access files in site A. You can think of B as a Basic
membership, and A as an Advanced membership; members of A get
everything, but members of B only get Basic.

  I suspect that there is an easy way to do this, but I've looked at a
few simple web tutorials on htpasswd and none of them tell me how. I'm
pretty sure that you experts know the answer to this off the top of
your head. If my problem requires something intricate, I'll bet you
know a free web tutorial which includes the answer. So I'd be happy to
get either (or both) of the following:

  A. The actual code to put into my ht files. (I'll bet it's just one
line to add, but tell me if I'm wrong; see below.)

and/or

  B. A pointer to a specific web page which says "In order to do xxx,
just add the following lines to your ht files..."

However, NOT useful are links to tutorial sites which don't answer
this SPECIFIC question. I've already looked at a bunch of those and
I'm getting frustrated.

This is my very first request for a Google Answer, so I hope the price
I'm setting isn't too low. I set it at that rate because I'm a
cheapskate and because I have a suspicion that the answer is "Just put
this one simple line into your htaccess file...". We'll see if my
hunch is correct. If you need to write more than 2 lines of code then
I'd certainly consider your answer to be worth more than $5.

Just to make things very concrete, here's my current htaccess file:

AuthUserFile /home/nearlynakedprogrammers/data/.htpasswd
AuthName MEMBERS
AuthType Basic
<Limit GET POST>
require valid-user
</Limit> 

I suspect that the answer would be to add the following line (or
something like it) so that the file ends up with TWO AuthUserFile
lines, the second one being:

AuthUserFile /home/entirelynakedprogrammers/data/.htpasswd

As you can see, the Basic members would be allowed to see the nearly
naked programmers, and so would the Advanced members (the Advanced
members would be allowed also to see the entirely naked programmers in
a directory accessible only to them). But I don't want the Advanced
members to have to sign up for
two things, and I don't want to have to duplicate content between the two sites.

[Apologies if the example is a bit too spicy. It's not real, of course
-- hmmm... are those domain names available? -- grin -- but perhaps it
brought you a smile.]

Thanks for your help!

Hi

I think your answer will be to use group membership (you can list
multiple groups with the Require directive), and use a require line
similar to:

Require group AdvancedMembers BasicMembers
For the site that allows all users in, and

Require group AdvancedMembers
For the site that only advanced members can access...

Remember that you'll need to create a group membership file somewhere
outside of web-accessible-space and add an AuthGroupFile directive,
eg:

AuthUserFile /home/nearlynakedprogrammers/private/.htpasswd
AuthGroupFile /home/nearlynakedprogrammers/private/.group
AuthName MEMBERS
AuthType Basic
<Limit GET POST>
require group AdvancedMembers BasicMembers
</Limit>