More in depth security with etherpad and apache

I was looking to provide even more namespaces to my etherpad instance, so I added a second "namespace."  I now have 2 distinct namespaces with seperate authentication methods, and thought it might be a good example for someone else looking. The "bks" namespace authenticates against a user table (added to the etherpad mysql database) and the hivesec namespace authenticates against a simple user/password file.

It should be possible to add groups and allow a user to auth against one or more namespaces using apache mysql authentication, but I did not take things this far, at least not yet. 

My previous articles http://jdsnetwork.com/node/21 and http://jdsnetwork.com/node/9 provide more details on how I have etherpad setup.

<VirtualHost *:80>
ServerName etherpad.scrabby.org
ServerAlias etherpad.scrabby.org
ServerAdmin jsimpson@scrabby.org
DocumentRoot /var/www/
ProxyRequests Off
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
ProxyPreserveHost on
<locationmatch \/p\/bks\-.*>
AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_DB httpauthdb
Auth_MySQL_Host localhost
Auth_MySQL_User httpauth
Auth_MySQL_Password fisher
AuthMySQL_Password_Table users
AuthMySQL_Username_Field login
AuthMySQL_Password_Field pass
AuthMySQL_Empty_Passwords off
AuthMySQL_Encryption_Types MD5Sum
AuthType basic
AuthName "The bks-* namespace is restricted to basekamp users only."
AuthUserFile /var/etherpad/htpass
Require valid-user
</locationmatch>
<locationmatch \/p\/hivesec\-.*>
AuthType basic
AuthName "The hivesec-* namespace is restricted to hive76 users only."
AuthUserFile /var/htpass
Require valid-user
</locationmatch>

<proxymatch \/>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</proxymatch>
ServerSignature Off
</VirtualHost>