http to https with authentication using .htaccess file

So here is my problem i need authentication from https with redirection if user types http instead of https. Also only ask to authenticate when in https.

I have apache redireting any request with a specific folder to https

in the vhosts.d/00defaultvhost.conf

RewriteCond %{HTTPS} off

RewriteCond %{REQUEST_URI} ^/SpecialFolder/(.*)

RewriteRule ^/(.*) https://%{HTTPHOST}%{REQUESTURI} [R,L]

I also have any https requests for folders other that that special folder redirecting to http as follows in the modules.d/41modssl.default-vhost.conf

RewriteCond %{HTTPS} on

RewriteCond %{REQUEST_URI} !^/SpecialFolder/(.*)

RewriteRule ^/(.*) http://%{HTTPHOST}%{REQUESTURI} [R,L]

The tricky part is when I add the .htaccess file to the SpecialFolder

here is what I got the minute I add this I get a 401 error reguardless of how I try to access it. Im not sure what else to try

the only way to access the file is to remove the .htaccess file

here is what I got in the .htaccess

SSLOptions +StrictRequire

SSLRequireSSL

AuthName "Restricted Access"

AuthType Basic

AuthUserFile /x/y/z/.htpasswd

AuthGroupFile /x/y/z/.htgroup

Require group SpecialGroup

If I remove the .htaccess file it redirects me to https as it should and displays the page. if its an http then it just displays the page byut of course no authentication.

I would like it to ask me for authentication only when I am in https not in http.