How is basic authentication worked?

When an exact resource has been protected using fundamental authentication, Apache sends a 401 Authentication needed header along with the response to the request, so as to notify the client which user credentials should be supplied in order for the resource to be returned like requested.

By receiving a 401-response header, the client's browser, when this supports fundamental authentication, will ask the user to supply a password and its username to be sent to the server. When you are using a graphical browser, as like Netscape or Internet Explorer which you will see is a box that pops up and provides you a place to type into your username and password, to be sent back to the server. When the username is into the approved list, and when the password supplied is accurate, the resource will be then returned to the client.

Since the HTTP protocol is stateless, every request will be treated in similar way, even if they are from similar client. It is, every resource that is requested from the server that will have to supply authentication credentials over again so as to receive the resource.

Luckily, the browser supports the details here, than you only have to type within your username and password one time per browser session - which is, you might have to type this in again the next time you open up your browser and visit similar web site.