My project use htaccess files to limit accessibility server assets. The access is granted by having an HTTP authentication.

I wish to leave HTTP authentication and employ a php-session-like login authentication to check on access.

What I wish to do might be simply completed in a script like:

if ( !isset($_SESSION['user']) ) {
    header('location : /login.php');
//...also we could use url rewriting to redirect all urls pointing to static resource through
// a script that will deliver its content or redirect to the login form depending on
// identification status

Using php for dynamic pages isn't a problem, but exactly how to I grand use of Static resource utilizing a session id passed with snacks in apache ?

I have seen questions associated with cookie based redirection in apache, but not one of them treat about determining a person with different sessionId went by cookie.

For HTML content, keep the "static" content in PHP scripts whose only "dynamic" feature is they have a common header incorporated for checking login/session.

For images, css, javascript, documents, other things, this more extensive discussion will help you.