Passwords in Apache do not work this way:

First, you need to create a plain test passwords file via htpasswd, it's on the bin diectory of apache.

Once created and with the users added yo have to put the following on a <Directory /path/to/be/protected> </Directory> in httpd.conf

AuthType Basic or Digest (needs mod_auth or mod_aut_digest)
AuthName "Restricted Files"
AuthDBMUserFile /usr/local/apache/passwd/passwords (Path to the passwords file)
Require user userName (user you allow the access to if he writes his password accordingly).

This automatically displays a dialog box to enter username and password, I suppose there must be some way in javascript to call that authentication process passing to it the username and password , but that's something I don't know. You also have to take into consideration that the password is saved encrypted.

Hope this helps.

[edited by: kaidok at 10:37 am (utc) on May 14, 2009]

1) You can use "Require valid-user" to avoid having to list out each user individually.

2) Authentication and Authorization must not be done on the client side. This provides *zero* security, since anyone who knows Javascript can then easily modify your JS code to return "valid" for *any* username or password. Do not use client-side technology for Auth functions!

Jim