Can someone help. i want to password protect a webpage. i created the password file with .htpasswd and also the .htaccess file. i enabled the allowOverride to AuthConfig option in httpd.conf for the directory but still i cant get the password prompt when i visit the page. any ideas. is there any other option i have to enable?

Read this: http://httpd.apache.org/docs/howto/htaccess.html
If it still doesn't work post again, showing a stripped down apache/httpd.conf (without all the quotes, just the config) and the .htaccess file.

is the AuthUserFile-Dir correct?

Password Protecting Directories using .htpasswd
March 20, 2005

The Objective: To password protect directories on an Apache web server using .htaccess and .htpasswd configuration files.

What does a .htaccess file do?
.htaccess configuration files provide for configuration changes on a per-directory basis. For example, a .htaccess configuration file placed in your "Download" directory makes configuration changes only to the "Download" directory and it's sub-directories.

.htaccess configuration files can be used to password protect directories, create custom error pages, and much more.

Enabling .htaccess
By default, the Apache configuration file (httpd.conf) disables .htaccess.

To enable .htaccess, change "AllowOverride" from "None" to "All" in the htaccess section of the Apache configuration file (httpd.conf). The Apache configuration file is lengthy and thus finding the .htaccess section is difficult unless you use Notepad or Wordpad's search function.

Restart the Apache web server application.

Creating the .htaccess File
Create a text document and type the following:

AuthName "This directory is password protected. Please enter a valid username and password."
AuthType Basic
AuthUserFile /path_to_your_htpasswd_file/.htpasswd
Require valid-user

"This directory is password protected. Please enter a valid username and password" is the message displayed during the user login.

The "/path_to_your_htpasswd_file/.htpasswd" is the relatvie path to your .htpasswd file. Depending on your Apache server configuration, you may need to use an absolute path such as "C:/Program Files/Apache Group/Apache/conf/.htpasswd" (including the quotation marks).

The .htpasswd file contains the username and passwords for accounts on your Apahce web server. By default, the Apache web server disables access to files beginning with .ht so that the contents of your .htpasswd file cannot be viewed. However, it is recommended that you place your .htpasswd file in a private directory, such as the Apache "conf" directory.

Upload the text document into the directory you want to password protect and rename it ".htaccess" using a File Transfer Protocol (FTP) client.

Creating the .htpasswd file
The .htpasswd file contains the username and password for accounts on your web server in the following format:

Username:encrypted password
Example: Jeff:eb1gNE7F3VRRY

KxS, a virtual web hosting company, has a great .htpasswd password encryptor. Copy and paste the username and password combination into a text document. Upload the text document you created earlier and rename it ".htpasswd" using a File Transfer Protocol (FTP) client.

Note: Windows XP Home servers do NOT support password encryption in the .htpasswd file. The .htpasswd file must contain the username and password (not encrypted) on Windows XP Home servers.

Congratulations! The directory your .htaccess configuration file is placed in is now password protected

make sure your htaccess file is correctly pointing at your htpasswd file and make sure you htaccess file is in the directory with the pages you are looking to protect, it will only protect that directory and sub directories I belive too

You'll also have to AllowOverrides appropriately in your VirtualHost configuration

I finally got a prompt to enter the password but the credintials cant authonticate aginst the password file. am quite sure the path is correct in .htaccess.

look in the error.log. Apache's pretty good about useful errors.

Did you correctly hash the passwords and add usernames to the htpassword file? There are programs and internet sites that will give you the hash for the file

There's also htpasswd. It comes with Apache and everything.