I have a lighttpd installation supporting multiple hosts. I need to require authorization on the root of one of these hosts, but not the others. The mod_auth plugin, however, does not allow you to specify which host the auth requirement should apply to.
I have written a patch that allows you to specify an "authority"=>"myhost.org" name-value-pair in the auth.require array. if no "authority" is specified, the behavior is the same as it was before the patch. if "authority" *is* specified, then the auth.require entry only applies to the named host. I have also added a flag "use_physical"=>"yes" that causes the auth.require key to refer to a file system path rather than a URI path. If "use_physical" is enabled, then the physical location of the page requested is calculated (following symlinks and all) and compared to the key for the auth.require section to determine if the auth requirement applies to the incoming request.
I can't find any way to submit patches on this site, so let me know if you are interested in receiving the patch. I'll check back on this ticket for any replies.
