ok, rehash of old question. I have tried all the examples I have found on this topic, and same problem:

I get the logon box, no matter what I enter it still comes back 3 times, then says unauthorized.

Using Apachee IS NOT AN OPTION! There is nothing wrong with Apachee, it is a great server... it just doesn't run asp or aspx... and many other sites on this server use that. I own the server... so I am also the Admin... can change whatever I need to so long as I know why and what effect it has on security.

Below is a junk block of code... just to illustrate my situation.
Mind you it is not good code, nor close to what I am doing, but the problem is in the first part...

<?php
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");

// change this value to the User Name you want to use:
$user_name = "admin";

// change this value to the password you want to use:
$password = "password";

if (!isset($_SERVER['PHP_AUTH_USER'])) {
//If empty send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="Editable Files"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization required.';
echo ('User name entered was: ' . $_SERVER['PHP_AUTH_USER'] . 'Password was: ' . $_SERVER['PHP_AUTH_PW'] . '<br />');

exit;
} else {
echo ('User name entered was: ' . $_SERVER['PHP_AUTH_USER'] . 'Password was: ' . $_SERVER['PHP_AUTH_PW'] . '<br />');

}
?>

It doesn't return any user name or password.
You can find the user name with $_SERVER[AUTH_USER] but the $_SERVER[AUTH_PASSWORD] is still blank...

The $_SERVER[PHP_AUTH_PW] is also blank.

Realy need a heads up on this one... Microsoft says they can't help since I am running PHP...