Optionally, you can also add the AuthGroupFile directive. This directive supplies the name and location of a plain text file containing a list of group names and users who are members. For example:

AuthGroupFile /home/httpd/useraccess/groups

The groups referenced would contain entries of the form:

groupname: username username username...
groupname: username username

The require directive is the key that invokes the password-checking process -- leave it out and the authentication process fails. The options are:

require [user1 user2 user3] [group1 group2 group3] [valid-user]

The last option, valid-user, accepts any user found in the AuthUserFile.

Caution: Do not mistype the valid-user option as valid_user. Doing so will produce a cryptic and misleading authentication error when the client tries to access the directory. This occurs because Apache interprets require_user as a username, not an option.