Here is an example of a valid .htaccess file which we place in the directory that we wish to protect:
AuthName "Security Solutions Center HelpDesk"
<Limit GET POST>
require group Xdwp
It sounds as if your Apache webserver may not have its basic authentication turned on. The book Apache Webserver for Dummies has a good chapter on how to configure your access.conf and other files to require basic authentication, which is what would cause the password window to popup. You want to make sure that Authtype is set to basic and that other parameters are also correct.
- Since basic authentication is not turned on there is no one logging in, so REMOTE_USER is empty.
- To do anything nonstandard use the CPAN modules htpasswd and htgroup. We use them to allow administrators to generate new users online.
- I cannot think of a time when you would need to manipulate REMOTE_USER directly. Basic authentication checks it for you.
- If you do need to access REMOTE_USER then access it using CGI.pm's param function, e.g., $q->param('REMOTE_USER').