I have web2py + lighttpd and trying to get the same app secure behind an url and open in you visit it from other domain. Is this possible? The idea is to get http://domain-one/app asking for password to be seen and http://domain-two/app not asking anything. The app is served by the same web2py instance and is if fact the same app, as I said. I tryed from lightttp but seems that mod_auth and mod_rewrite doesn't mix pretty well. There is any way to make this just using web2py?