I've an apache in frontend that redirect a request using a rewrite rule. I must put a fundamental authentication before redirect a request, and so i put this within the config file:

<VirtualHost *:443>
    ServerAdmin xxxxxx
    DocumentRoot /var/www/html/
    ServerName xxxxxxx
    RewriteEngine on
    ErrorLog logs/error.log
    CustomLog logs/access_log common

    <Directory /var/www/html/>
        AuthType Basic
        AuthName "Restricted Files"
        AuthUserFile /etc/httpd/conf/tag.pwd
        Require valid-user
        RewriteRule ^/(.*) http://xxxxxx:xxx/$1   [P,L]
    </Directory>
</VirtualHost>

But does not work.

Any suggestions?

<Location />
    AuthType Basic
    AuthName "Restricted Files"
    AuthUserFile /etc/httpd/conf/tag.pwd
    Require valid-user
    RewriteCond %{LA-U:REMOTE_USER} !^$
    RewriteRule ^/(.*) http://xxxxxx:xxx/$1   [P,L]
</Location>

I solved putting the rewrite condition and rewrite rule outdoors the Locatio directive:

<Location />
  AuthType Basic
  AuthName "Restricted Files"
  AuthUserFile /etc/httpd/conf/tag.pwd
  Require valid-user
</Location>
RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule ^/(.*) http://xxxxxx:xxx/$1   [P,L]

thank you to h0tw1r3 for that suggestion

*Bear in mind that Location directives work on Web addresses, and never sites. This means that if a person produces an alias towards the document root, they'll completely bypass these authentication rules. (See http://httpd.apache.org/docs/2.0/mod/core.html#location for additional.)