In a current application, I take any requests for a login page (where passwords might be exchanged) and route them through a secure layer. I handle it in my Apache configuration file, doing something like
RedirectMatch ^(.*login\.cgi) https://www.mysite.com$1
Then, in any link coming from the login page, I use an http: prefix to go back to a non-secure page.
This works as far as it goes, but it's rather limited and inflexible for obvious reasons. I'm developing a new application under pure mod_perl, and would like to know if there's a convenient way to do this on the fly, so that, from within a program, I can decide to use the secure sever based on anything I choose--going to a login page, or editing a certain table, or viewing a record that has "price" in it. I wasn't able to find a discussion of this in the mod_perl docs.
Thank you, wise monks.