Apache processing authentication directives before mod_rewrite rules

I'm using mod_rewrite to redirect people from one domain to another (whilst preserving the rest of the URL). Both domains point at the same codebase.

One of the directories has authentication controlled by a local .htaccess file.

These a开发者_如何转开发uthentication directives get processed before the mod_rewrite rule are processed. Therefore the client gets asked for a password twice.

I've tried putting mod_rewrite rules into the .htaccess file, above the authentication related directives, but it fails in a strange way.

What's the easiest way to prevent this double authentication?

---

Put your authentication directives into the <VirtualHost> block of the host you want the users to be authenticated.