I have a server running Apache/1.3.41.
I have an application that uses Apache, and all the configuration for this
application is done through the browser when you login as the user

The application uses Apache to do authentication - I had to add the
following to httpd.conf:
<Directory "/path/to/application">
AllowOverride None
AuthType Basic
AuthName "WebApp"
require valid-user
AuthUserFile /path/to/application/apache.userfile
Options None

My question is can I use Apache to limit logging in as user
"application-admin" to an internal subnet, so that you can't login as
"application-admin" from outside our building. For that matter, several
other internally used user accounts would be nice to limit to internal IPs
as well. Aside from just a few accounts, all the users are external users -
but these few accounts would be nice to be internal only.

What I'm wanting is:
AllowFrom any user
AllowFrom everywhere else, anyuser except "applicaiton-admin"

I could have 2 separate auth files if I needed to - one that has "application-admin" and one that doesn't (cron job every minute to copy auth.1 to auth.2 and echo "application-admin" >> auth.2)

Could I then do something more like:

Any IP - require valid-user from /auth.1
10.*.*.* - require valid-user from /auth.2