What if you want to use a different method for authentication? Using the standard .htpasswd flat files may be fine for small sites or small office servers. But most ISPs and larger businesses probably use some other way of authenticating users with something like a radius server, which we'll use in this example. To approach this problem, it's wise to simplify as much as possible what you put in the .htaccess files in each FrontPage extended web. Ideally, you only want to have a directive in the .htaccess files like require user <username>. Then you put the overhead radius directives inside a directory container in the httpd.conf file. Like this:

      <Directory "/">
         AuthRadiusAuthoritative Off
         AuthAuthoritative On
         AuthRadiusActive Off
      </Directory>

      <Directory "/home/*/www/_vti_bin/*">
        Options ExecCGI
        AuthType Basic
        AuthRadiusActive On
        AuthRadiusAuthoritative Off
        AuthAuthoritative On
      </Directory>

Make sure you have the mod_auth_radius module installed and setup before you use the AuthRadius directives though. You'll need to put these directives for mod_auth_radius somewhere else in the global section of the file so that Apache knows what radius server to talk to:

      <IfModule mod_auth_radius.c>
        AddRadiusAuth <radiusservername>:<port> <sharedsecret> 5
        AddRadiusCookieValid 5
      </IfModule>

By turning AuthRadiusAuthoritive off and AuthRadiusActive on, it will make the client fall back on radius authentication if the user's password doesn't match what is in the service.pwd file. This makes it possible for the FrontPage client to create author users that will still work like they did with the flat file authentication method.