diff --git a/qse/cmd/http/Makefile.am b/qse/cmd/http/Makefile.am
index 1cb49a15..1b3dbdec 100644
--- a/qse/cmd/http/Makefile.am
+++ b/qse/cmd/http/Makefile.am
@@ -20,3 +20,5 @@ if WCHAR
 qsehttpd_LDADD += $(UNICOWS_LIBS)
 endif
 endif
+
+EXTRA_DIST = $(qsecfg_DATA)
diff --git a/qse/cmd/http/Makefile.in b/qse/cmd/http/Makefile.in
index cb4d1f93..d70caa7c 100644
--- a/qse/cmd/http/Makefile.in
+++ b/qse/cmd/http/Makefile.in
@@ -309,6 +309,7 @@ qsecfg_DATA = httpd.conf httpd-mime.conf
 qsehttpd_SOURCES = httpd.c
 qsehttpd_LDFLAGS = -L../../lib/xli -L../../lib/http -L../../lib/cmn -L$(libdir)
 qsehttpd_LDADD = -lqsexli -lqsehttp -lqsecmn $(am__append_1)
+EXTRA_DIST = $(qsecfg_DATA)
 all: all-am
 
 .SUFFIXES:
diff --git a/qse/cmd/http/httpd.c b/qse/cmd/http/httpd.c
index fd027cfa..0c3d0981 100644
--- a/qse/cmd/http/httpd.c
+++ b/qse/cmd/http/httpd.c
@@ -447,12 +447,26 @@ static int query_server (
 			return 0;
 
 		case QSE_HTTPD_SERVERSTD_REALM:
-			*(const qse_mchar_t**)result = server_xtn->scfg[SCFG_REALM];
+			((qse_httpd_serverstd_realm_t*)result)->name = server_xtn->scfg[SCFG_REALM];
+			((qse_httpd_serverstd_realm_t*)result)->authreq = (server_xtn->scfg[SCFG_REALM] != QSE_NULL);
 			return 0;
 
 		case QSE_HTTPD_SERVERSTD_AUTH:
-			*(const qse_mchar_t**)result = server_xtn->scfg[SCFG_AUTH];
+		{
+			qse_httpd_serverstd_auth_t* auth;
+
+			auth = (qse_httpd_serverstd_auth_t*)result;
+			auth->authok = 0;
+
+			if (server_xtn->scfg[SCFG_AUTH])
+			{
+				if (qse_mbsxcmp (auth->key.ptr, auth->key.len, server_xtn->scfg[SCFG_AUTH]) == 0)
+				{
+					auth->authok = 1;
+				}
+			}
 			return 0;
+		}
 
 		case QSE_HTTPD_SERVERSTD_DIRCSS:
 			*(const qse_mchar_t**)result = server_xtn->scfg[SCFG_DIRCSS];
@@ -829,10 +843,13 @@ static int load_server_config (
 	}
 
 	/* perform more sanity check */
+/* TODO: support multiple auth entries here and above */
+#if 0
 	if (qse_mbschr (server_xtn->scfg[SCFG_AUTH], QSE_MT(':')) == QSE_NULL)
 	{
 		qse_printf (QSE_T("WARNING: no colon in the auth string - [%hs]\n"), server_xtn->scfg[SCFG_AUTH]);
 	}
+#endif
 
 	if (qse_mbstonwad (server_xtn->scfg[SCFG_ROOT], &server_xtn->root_nwad) >= 0) server_xtn->root_is_nwad = 1;
 	return 0;
diff --git a/qse/configure b/qse/configure
index 5a770843..011147f1 100755
--- a/qse/configure
+++ b/qse/configure
@@ -15922,6 +15922,10 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 
 
+
+save_CFLAGS="$CFLAGS"
+save_LDFLAGS="$LDFLAGS"
+save_LIBS="$LIBS"
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking which extension is used for runtime loadable modules" >&5
 $as_echo_n "checking which extension is used for runtime loadable modules... " >&6; }
 if ${libltdl_cv_shlibext+:} false; then :
@@ -16997,10 +17001,14 @@ eval "LTDLOPEN=\"$libname_spec\""
 # Only expand once:
 
 
+LDFLAGS="$save_LDFLAGS"
+CFLAGS="$save_CFLAGS"
+LIBS="$save_LIBS"
 
 if test "x$with_included_ltdl" != "xyes"; then
 	save_CFLAGS="$CFLAGS"
 	save_LDFLAGS="$LDFLAGS"
+	save_LIBS="$LIBS"
 	CFLAGS="$CFLAGS $LTDLINCL"
 	LDFLAGS="$LDFLAGS $LIBLTDL"
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for lt_dladvise_init in -lltdl" >&5
@@ -17052,6 +17060,7 @@ fi
 
 	LDFLAGS="$save_LDFLAGS"
 	CFLAGS="$save_CFLAGS"
+	LIBS="$save_LIBS"
 fi
 
 if test "$ac_test_CFLAGS" != "set"
diff --git a/qse/configure.ac b/qse/configure.ac
index 51dc7213..23b37a85 100644
--- a/qse/configure.ac
+++ b/qse/configure.ac
@@ -50,18 +50,27 @@ AC_SUBST(LIBTOOL_DEPS)
 dnl 'recursive' type seems to have problems in setting LT_CONFIG_H
 dnl so i use the classic 'subproject' type here
 LT_CONFIG_LTDL_DIR([libltdl])
+
+save_CFLAGS="$CFLAGS"
+save_LDFLAGS="$LDFLAGS"
+save_LIBS="$LIBS"
 LTDL_INIT
+LDFLAGS="$save_LDFLAGS"
+CFLAGS="$save_CFLAGS"
+LIBS="$save_LIBS"
 
 dnl The lt_dladvise_init symbol was added with libtool-2.2
 if test "x$with_included_ltdl" != "xyes"; then
 	save_CFLAGS="$CFLAGS"
 	save_LDFLAGS="$LDFLAGS"
+	save_LIBS="$LIBS"
 	CFLAGS="$CFLAGS $LTDLINCL"
 	LDFLAGS="$LDFLAGS $LIBLTDL"
 	AC_CHECK_LIB([ltdl], [lt_dladvise_init], [],
 	             [AC_MSG_ERROR([installed libltdl is too old. install a newer libltdl or specify --with-included-ltdl])])
 	LDFLAGS="$save_LDFLAGS"
 	CFLAGS="$save_CFLAGS"
+	LIBS="$save_LIBS"
 fi
 
 dnl overrides the default CFLAGS setting
diff --git a/qse/include/qse/http/stdhttpd.h b/qse/include/qse/http/stdhttpd.h
index 0da0fb36..6b55d8d9 100644
--- a/qse/include/qse/http/stdhttpd.h
+++ b/qse/include/qse/http/stdhttpd.h
@@ -56,6 +56,20 @@ struct qse_httpd_serverstd_root_t
 	} u;
 };
 
+typedef struct qse_httpd_serverstd_realm_t qse_httpd_serverstd_realm_t;
+struct qse_httpd_serverstd_realm_t
+{
+	const qse_mchar_t* name;
+	int authreq;
+};
+
+typedef struct qse_httpd_serverstd_auth_t qse_httpd_serverstd_auth_t;
+struct qse_httpd_serverstd_auth_t
+{
+	qse_mcstr_t key;
+	int authok;
+};
+
 typedef struct qse_httpd_serverstd_cgi_t qse_httpd_serverstd_cgi_t;
 struct qse_httpd_serverstd_cgi_t
 {
@@ -75,8 +89,8 @@ enum qse_httpd_serverstd_query_code_t
 {
 	QSE_HTTPD_SERVERSTD_NAME,           /* const qse_mchar_t* */
 	QSE_HTTPD_SERVERSTD_ROOT,           /* qse_httpd_serverstd_root_t */
-	QSE_HTTPD_SERVERSTD_REALM,          /* const qse_mchar_t* */
-	QSE_HTTPD_SERVERSTD_AUTH,           /* const qse_mchar_t* */
+	QSE_HTTPD_SERVERSTD_REALM,          /* qse_httpd_serverstd_realm_t */
+	QSE_HTTPD_SERVERSTD_AUTH,           /* qse_httpd_serverstd_auth_t */
 	QSE_HTTPD_SERVERSTD_DIRCSS,         /* const qse_mchar_t* */
 	QSE_HTTPD_SERVERSTD_ERRCSS,         /* const qse_mchar_t* */
 
diff --git a/qse/lib/http/httpd-std.c b/qse/lib/http/httpd-std.c
index a258f92d..a9e7de9b 100644
--- a/qse/lib/http/httpd-std.c
+++ b/qse/lib/http/httpd-std.c
@@ -18,7 +18,7 @@
     License along with QSE. If not, see <htrd://www.gnu.org/licenses/>.
  */
 
-#include <qse/http/std.h>
+#include <qse/http/stdhttpd.h>
 #include "httpd.h"
 #include "../cmn/mem.h"
 #include <qse/cmn/hton.h>
@@ -2240,8 +2240,8 @@ struct rsrc_tmp_t
 	qse_mchar_t* xpath;
 
 	qse_httpd_serverstd_root_t root;
-	const qse_mchar_t* realm;
-	const qse_mchar_t* auth;
+	qse_httpd_serverstd_realm_t realm;
+	qse_httpd_serverstd_auth_t auth;
 	qse_httpd_serverstd_index_t index;
 
 	int final_match;
@@ -2400,16 +2400,16 @@ static int make_resource (
 	QSE_ASSERT (tmp.root.type == QSE_HTTPD_SERVERSTD_ROOT_PATH);
 
 	if (server_xtn->query (httpd, client->server, req, tmp.xpath, QSE_HTTPD_SERVERSTD_REALM, &tmp.realm) <= -1 ||
-	    server_xtn->query (httpd, client->server, req, tmp.xpath, QSE_HTTPD_SERVERSTD_AUTH, &tmp.auth) <= -1 ||
 	    server_xtn->query (httpd, client->server, req, tmp.xpath, QSE_HTTPD_SERVERSTD_INDEX, &tmp.index) <= -1)
 	{
 		return -1;
 	}
 
+
 	/* default to the root directory. */
 	if (!tmp.root.u.path) tmp.root.u.path = QSE_MT("/"); 
 
-	if (tmp.realm && tmp.auth)
+	if (tmp.realm.authreq && tmp.realm.name)
 	{
 		const qse_htre_hdrval_t* authv;
 
@@ -2439,12 +2439,15 @@ static int make_resource (
 				/* decoding a base64-encoded string result in a shorter value than the input.
 				 * so passing the length of the input(authl) as the output buffer size is ok */
 				authl2 = qse_debase64 (&authv->ptr[6], authl, server_xtn->auth.ptr, authl, QSE_NULL);
-				if (qse_mbsxcmp (server_xtn->auth.ptr, authl2, tmp.auth) == 0) goto auth_ok;
+
+				tmp.auth.key.ptr = server_xtn->auth.ptr;
+				tmp.auth.key.len = authl2;
+	    			if (server_xtn->query (httpd, client->server, req, tmp.xpath, QSE_HTTPD_SERVERSTD_AUTH, &tmp.auth) >= 0 && tmp.auth.authok) goto auth_ok;
 			}
 		}
 
 		target->type = QSE_HTTPD_RSRC_AUTH;
-		target->u.auth.realm = tmp.realm; 
+		target->u.auth.realm = tmp.realm.name; 
 		return 0;
 	}
 
@@ -2621,7 +2624,14 @@ static int query_server (
 			break;
 		
 		case QSE_HTTPD_SERVERSTD_REALM:
+			((qse_httpd_serverstd_realm_t*)result)->name = QSE_NULL;
+			((qse_httpd_serverstd_realm_t*)result)->authreq = 0;
+			break;
+
 		case QSE_HTTPD_SERVERSTD_AUTH:
+			((qse_httpd_serverstd_auth_t*)result)->authok = 1;
+			break;
+			
 		case QSE_HTTPD_SERVERSTD_ERRCSS:
 		case QSE_HTTPD_SERVERSTD_DIRCSS:
 			*(const qse_mchar_t**)result = QSE_NULL;