The Apache documentation on your site should include a .../path/to/apachedocs/howto/auth.html that describes the Apache-supplied authentication methods (password, digest, db). You specifically say

a mech that authenticates a user with the usual username and password

If you mean the system user/passwd, then be aware that opening access via your web server to the system password file(s) is generally considered a BadIdea (which is why the Apache Group does not provide a mechanism to do this). One of the O'Reilly Apache books (either the Complete Guide or the Cookbook; neither is directly at hand, so I can't be more specific just now) gives a clearer explanation than I can do at the moment.