I have an OES 11 server I am using as a web server running Apache2. My "htdocs" folder is on an NSS Volume. Access to the web folders is case insensitive. I have setup LDAP Authentication to allow for limited access to a "intranet_auth" folder. Authentication works well UNLESS the link within a PHP script says "Intranet_Auth" as the folder name. When this happens the page opens as if it has NO Authentication setup!! This seems like a LARGE hole for what should be a secure authentication?

Is there a way to close this hole and make the security case insensitive??

#LDAP Authentication (eDirectory)
<Directory /xxx/xxx/xxx/APACHE2/htdocs/intranet_auth>
Options Indexes Multiviews
AllowOverride None
Order deny,allow
Allow from all
AuthType Basic
AuthName "Protected"
AuthzLDAPAuthoritative Off
AuthBasicProvider ldap
AuthLDAPURL ldaps://serverIPaddress/o=context?uid?sub
Require valid-user