I wanted to add the ability to allow Hostbased read access - and still allow users to log in to gain higher rights like editing.
I don't think that http://wiki.splitbrain.org/wiki:tips:htaccessauth
would help me because it lacks support for group ACLs.
I decided to have "host accounts" (<fqdn>:*:<some fullname>:<some email>:<groups>) in the auth-Backends database, so that I could assign groups to FQDNs. Attached is a ''diff -u'' on auth.php with my solution. I hope it doesn't break too much? I have only tested against ''$conf['authtype'] = 'plain';'' but maybe it also works with different methods.
Thanks for commenting