I've handled to obtain authentication a minimum of partially setup but am mystified why security is not working... During my httpd.conf apply for ssl I've....

<Directory /usr/local/apache2.2/cgi-bin/oia>
    SSLRequireSSL
    Satisfy All
    AuthType     basic
    AuthName     "Protected Intranet Area"
    AuthUserFile conf/.passwd
    AuthGroupFile conf/groups
    Require      valid-user
</Directory>

I actually do possess the user password within the setup so when being able to access the page via https://....../cgi-bin/oia, it will properly prompt me for that user title and password. Issue is basically make use of the same URL with http:// there is no compelling for any user title or password.

Any advice is greatly appreciated. Nikki

You can setup a mod_rewrite rule to continually forward the http://x.y.com to https://x.y.com (that is most likely what for you to do anyway)