Apache authentication : allow public access to a subdirectory

This is probably a simple problem, but I cant find the solution in the documentation.

I want to password protect my website using BASIC authentication. But I want a subdirectory to be non protected :

http://mysite.com/ -> BASIC protected
http://mysite.com/somedir -> BASIC protected
http://mysite.com/someotherdir -> BASIC protected
http://mysite.com/public -> not protected

I have no problem protecting all the site, but I dont know how I can "unprotect" one directory. The site is hosted on a shared host, so I only have access to .htaccess files to do the configuration.

Is there a directive to negate the authentication ?

Thanks for the help ...

Shouldn't be a problem with .htaccess, depending on what the host has allowed.

You could try putting a .htaccess in the sub-folder with the following, although overrides will have to be enabled for the directories it's in.

 Allow From All
 Satisfy Any

OK, for a path server.com/private/public:

server.com/private/.htaccess

AuthType Basic
AuthName "Private, keep out."
Require...

server.com/private/public/.htaccess

Allow From All
Satisfy Any

The key here is 'Satisfy Any' which ORs the requirements from upstream together. 'Satisfy All' is the default.

I believe this might do it:

# put the global auth stuff here
...

# put the override here
<Location /public>
Allow from All
Satisfy Any
</Location>