People now use a lot of Web apps (cms, web mail). Those often share the same hosting and HTTP authentification can be a simple way to get a single sign on feature (especially on the LAN, inside a company).

What I understand is that this requires (for a kinda quick & dirty support) :

• create a new AuthSource type (let's say AuthSourceHTTP)
• add a new flag column to AuthSources table to test if Auth method rely on a form on not
• if not manage things as a :before_filter in the login action.

I'll try to have a look on that and submit a sample patch, but I'm not a Ruby/Rails expert at all.