Apache's .htaccess functionality comes from an Apache module named
mod_auth.
Linux systems typically use PAM, which stands for Pluggable Authentication Module. On these systems you'd need a module that hooks into PAM. In fact there is a
mod_auth_pam module.
In order to get Apache to do system-level authentication on Mac OS X you need a module that hooks into Mac OS X's own authentication system, NetInfo. The closest thing to this is
mod_auth_ldap, which I believe is supported by Mac OS X Server.
This guy claims to have gotten this kind of authentication to work just by setting the options he describes. He's using Mac OS X Server and not the client version, and there are apparently significant differences. In any case I'm unable to reproduce his results on Panther Client. It may be enough just to use Workgroup Manager to create users in NetInfo, but I don't think it's supported on Mac OS X Client.
This post on SlashDot seems to bolster my assumptions and implies that one can compile and use
mod_auth_ldap to tie into NetInfo.
However, to complicate matters, Apache 1.3.x lacks support for the LDAP modules. Apparently they can only be used with Apache 2.0.x.
Of course, with this kind of authentication you
should only use it on a private network or if it's a public site, then through SSL (e.g., an HTTPS area that disallows non-HTTPS requests) to keep passwords (and all data) from being sent in the clear. It's bad enough to leak your HTTP passwords. Under this scheme you'd be potentially exposing system user passwords.
Good luck!
