Any <Directory> or <Location> installed in the global configuration (httpd.conf or apache2.conf on Debian) will be applied to all VirtualHosts, since the default is global < global configuration.
It is quite difficult to split the <Directory> location, as you may have different DocumentRoot for your virtual hosts. But <Location /> is a good target, all of your Virtualhosts will have the URL '/'.
So, if you put this in <Location /> in a global definition, it will work unless <Location /> on one VirtualHost uses some directive to remove Auth.