Current .htaccess Settings - Password Ignored

[xr6vn9z]

.htpasswd conatins

myusername:encryptedPassword

 

/htdocs/ is set as the root directory in httpd.conf

 

.htpasswd is in the htdocs/passwords/ folder.

 

httpd.conf:

<Directory /catalog/admin>

  Options Indexes FollowSymLinks

  AllowOverride AuthConfig

  order allow,deny

  allow from none

</Directory> 

 

.htaccess:

AuthUserFile /passwords/.htpasswd

AuthName "Restricted Area"

AuthType Basic



<Limit GET POST>

require valid-user

</limit>

 

When I try to access /htdocs/catalog/admin I get the prompt to enter my name and password. I enter the info I specified in the .htpasswd file but the prompt just refreshes.

 

What is wrong with the settings?

[xr6vn9z]

BTW, I have read every tutorial on .htaccess on the web but it will not work as instructed. I think my problem may be related to the virtual path.

 

The root folder for Apache is /htdocs. the folder I want to protect with .htaccess is at \"/htdocs/catalog/admin\". Therefore, I am assuming that the following is correct:

 

In the httpd.conf file I am pointing a directory directive to:

<Directory \"/catalog/admin\">

blah blah

blah blah blah

blah blah

</directory>

 

In the .htaccess file I am pointing to the password file at:

AuthUserFile /passwords/.htpasswd

 

Is this correct? Anyone?

 

I am aware of the Apache tutorial and what it says about having access to the root and not using .htaccess. That is not the point. I want to use .htaccess and there is no reason why I should not be able to. Other people are using it and I would like to nail it before trying an alternative method.