in reply to Securing the database password for web applications

Loads of them, but it seems to me it all depends on what you really want. What type of app is it, what kind of rights do you want, are there different types of users, do they need different times to log in, do they have different roles, etc.
But anyway, you're able to use .htaccess and .htpasswd in Apache, use the DBD implementation and mod_perl to implement it in Apache, use LDAP, or use DBD and your database to use your own script to take care of it.
For our application we use a simple database table with a crypted password, but it's accessed through the user object, so per user we can set certain rights depending on the role the user has at a certain moment.
The user settings are then stored using a session cookie, so it's always known if a request is permitted or not.
P.S. We use MySQL, and use the SQL command 'crypt' to crypt the data. When using https it should give enough security, I'd say.