Just like Active Directory and OpenLDAP, you can do it without a RADIUS server, but you will need to install an EAP-GTC supplicant on clients that don't support the EAP method (most don't support it natively).
If you want to do basic username/password authentication natively on almost all 802.1X-capable clients, you need to setup a RADIUS server.
These are not vendor limitations, they are client implementation and standard limitations.