The normal problem with accessing a shadow password file from Apache is that that the shadow password file is not readable to everyone, so Apache can't read it.
Some smart-ass suggested making the shadow password file readable for everyone so that Apache can read it again. Don't do that! The whole point of having a shadow password file is limiting access to some well known services (root, that is), so that hackers are prevented from running a password-cracker over it. With that in mind, note that the real solution presented below somewhat weakens that protection, but its nowhere as unsafe as making the whole file readable to everyone (shudder).
A solution for making only Apache able to read the password shadow file is chgrp'ing the shadow password file to some new group (for example "shadow-readers"), then placing this line into your httpd.conf:
By following the above steps, your are delibaretely weakening your system security, albeit only a little. Be sure to understand what you do. If in doubt, don't do it.