If you have a service that does not have any authentication, such as Margarita, its easy to do using OS X’s built in Apache
Make a plan site in Server.app. Give it the port you want.
Then go and edit the site config file. These are stored in /etc/apache2/sites in 10.7 and in /Library/Server/Web/Config/apache2/sites in 10.8 and 10.9
Your looking for a file that matches you site, like 0000_any_8100_test.com.conf
edit the file
ServerName test.com
ServerAdmin admin@example.com
DocumentRoot "/Library/Server/Web/Data/Sites/CustomSitesDefault"
DirectoryIndex index.html index.php /wiki/ default.html
CustomLog /var/log/apache2/access_log combinedvhost
ErrorLog /var/log/apache2/error_log
ProxyPass / http://127.0.0.1:8089/
<Location />
AuthUserFile /Library/Server/Web/Data/Sites/CustomSitesDefault/htpass
AuthName "Authorisation Required"
AuthType Basic
require valid-user
</Location>
<IfModule mod_ssl.c>
SSLEngine Off
SSLCipherSuite "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
SSLProtocol -ALL +SSLv3 +TLSv1
SSLProxyEngine On
SSLProxyProtocol -ALL +SSLv3 +TLSv1
</IfModule>
<Directory "/Library/Server/Web/Data/Sites/CustomSitesDefault">
Options All +MultiViews -ExecCGI -Indexes
AllowOverride None
<IfModule mod_dav.c>
DAV Off
</IfModule>
</Directory>
</VirtualHost>
What your adding is this
<Location />
AuthUserFile /Library/Server/Web/Data/Sites/CustomSitesDefault/htpass
AuthName "Authorisation Required"
AuthType Basic
require valid-user
</Location>
The ProxyPass is setting up mod_proxy ,make sure this is loaded in your main httpd.conf, to forward all requests / to a server on localhost:8089
The Location section is then setting for a basic auth password for any access of /
Make sure you have set a user and password using htpasswd and that the file can be read by apache