ACL's are actually somewhat an OS filesystem issue NOT a webserver issue. Windows support for ACL's is different than *nix. Vista and Windows 7 can read *nix ACL's, prior versions of Windows can't. Windows uses both a different authentication method and a different rights system. Note that CHMOD, and the concepts of users and groups ownership and rights on files and folders are all *nix specific. These exist across all variants of *nix specific file systems, and apply to the entire file structure, not only the web exposed parts. The 'type' of access is governed by the filesystem model.
Authentication realms (proper term) generally refer to connections. Think of it in terms of the OSI model - its a Level 5 (Sessions) matter. Can you make a connection to the desired resource? (not "what can I do when I get there?")
Apache's direct support for authentication realms comes from 'basic authentication' (tokens).
Here's a piece about enabling Apache server for an authentication realm:
http://www.whoopis.com/howtos/apache-auth.htmlI'll tell you (so you know in advance) the Windows versions of Apache (like XAMPP) do not support the hashing of the passwords in the password files, its stored in plaintext. The reason is that the encryption method is OS specific, and the Windows OS doesn't provide a comparable system call/function. There are several projects that have GUI versions for this, like DirectoryPass (very clean and lite).
There are more advanced methods, but they are generally programmatic.
Good Luck with your class/project.