I've prepared proof-of-concept of an alternate solution that reuses existing HTTP authentication:
http://geekhood.net/auth/In essence this works by translating HTML form into URL in format http://user:[EMAIL PROTECTED] (it can be done using JS or HTTP redirect. Ideally, this would be done by the browser based on <form> attribute or such).
-- regards, Kornel Lesinski
