Have you considered placing your entire store behind
a secure shell, secure socket layer, or proxy server?
You could have users login to one computer with whatever
login program you like.
Upon successful login, this first computer would pass each
request to your osCommerce server, which would relay the
request back to the Proxy server, which then delivers the page
content to the Logged In user.
I'm doing something like this now on a corporate network and
thus far all tests have been successful.
Good luck from