*updated Jan 30th 08*
Jonathan Snook points out another solution to an easy http-auth implementation for Cake’s directories (that are really rewrites).
the gist is that you put a <Location “/name_of_dir/”> in your httpd.conf, which you may well have access to if you are telling it the webroot of Cake is the webroot anyway.
Works like a charm with 1.2 for me! Very useful - the original post was in the group.
Hey dudes, second in my Cake tips posts 
This took me a while to get my head round, since I’m nada. I was wanting incorrect user details for an HTTP authentication to give the user a prompt again, upon a refersh. I struggled to get the Cake default to do this for me, other than in Safari .
And I am still not sure why. But my callback function (as the component has provision for!) below, will allow you to do this. So I can give a user friendly mesage to someone who has got their details wrong.
Handy method then for single admin mini sites:
(in app/app_controller.php)
function beforeFilter() {
if (isset($this->params["admin"])) {
$this->Security->blackHoleCallback = 'incorrect'; $this->Security->requireLogin('*',array('type'=>'basic','realm' => Configure::read('Settings.title')));$this->Security->loginUsers = array("admin" => 'password');}
}
function incorrect () {
header('WWW-Authenticate: Basic' .' realm="' . Configure::read('Settings.title') . '"');
header('HTTP/1.1 401 Unauthorized');
$this->autoRender = false;
$this->layout = '';
die('
HTTP/1.1 401 Unauthorized.
Details incorrect. Please refresh.');
}