Authenticate in Apache via System Account

As suggested by David Z, you can use mod-authnz-external. Use it with pwauth for example.

If you are running Debian or a derivative:

apt-get install libapache2-mod-authnz-external pwauth
a2enmod authnz_external

In your configuration, add

<IfModule mod_authnz_external.c>
  AddExternalAuth pwauth /usr/sbin/pwauth
  SetExternalAuthMethod pwauth pipe
</IfModule>

And in the Directory section or your .htaccess file:

    AuthType Basic
    AuthName "Login"
    AuthBasicProvider external
    AuthExternal pwauth
    Require valid-user
    # or
    # Require user jules jim ...

Finally reload the configuration with apache2ctl restart or service apache2 reload.

See also this documentation.

You probably want to look into something like mod_auth_pam. PAM is the "Pluggable Authentication Module" system and the standard Linux (I'm assuming this is Linux) system login mechanism relies on PAM to do its authentication.

Another option is mod_authnz_external, which will look directly at the /etc/shadow file to authenticate accounts.

EDIT: Apparently mod_auth_pam is no longer maintained (unfortunately), so maybe mod_authnz_external would be a better bet...

The Apache module mod_auth_pam will do exactly this for you. You enable the module, and the config file should look something like

AuthType Basic
AuthName "secure area"
require group staff
require user webmaster

And you're all set.

I just came across the same issue. Here's my solution since mod_auth_pam is dead and no one has addressed the original question,

"authenticate via local system accounts...in a specified group"

I'm using Ubuntu 18.04, so flavor the package installation to your own system. For this example, I'm hosting a directory /var/www/data and only want users in the data group to have access. I'm assuming you have an Apache installation running and the data group already created.

As mentioned before, you'll need to grab pwauth and the authnz software. Additionally, you will need mod-authz-unixgroup for group authentication. You can install them using,

apt install libapache2-mod-authz-unixgroup libapache2-mod-authnz-external pwauth

Next, change the permissions of pwauth (this was fixed on 2020-06-02, but I'll leave this here for older releases) by using,

chmod u+s /usr/sbin/pwauth

Then, write up your apache2 VirtualHost configuration. Here's a very simple example,

<VirtualHost *:80>
    # Host Info
    ServerName cool.things
    ServerAdmin [email protected]
    DocumentRoot /var/www

    # Where the logs go
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # Setup external authentication
    <IfModule mod_authnz_external.c>
        AddExternalAuth pwauth /usr/sbin/pwauth
        SetExternalAuthMethod pwauth pipe
    </IfModule>

    # Load an _h5ai index
    <Directory "/var/www/data">
        Options Indexes FollowSymLinks MultiViews
        DirectoryIndex index.html index.php /data/_h5ai/public/index.php

        # Setup Basic Authentication
        AuthType Basic
        AuthName "data group members only"
        AuthBasicProvider external
        AuthExternal pwauth

        # Only allow members of the "data" group
        Require unix-group data

    </Directory>
</VirtualHost>

Finally, you'll need to reload, restart, and check the status of Apache for errors.

service apache2 reload 
service apache2 restart 
service apache2 status