An authentication and access control system on Apache server can be set in different ways. An interesting option in a company information system context consists to use a public key-based infrastructure (more exactly based on a pair of asymmetric key).  

This system is better than classical login/password identification:

• Not so many passwords to manage (not even Single Sign-On
• Transparent access for user,
• Communication encryption,
• Centralized and fine-grained management of security access,
• No public certificate to buy.

The main disadvantage of this approach is that you have to program by HTTPS protocol the customers' software reaching the server. This configuration might be hard when software run on the Java platform.  

----  

OQube advises you and sets authentication solutions by asymmetric keys on Linux server and for networked groups.