Is mod_perl an option, or are you using straight CGI? If the former is a viable alternative, then you may be able to intercept the request in the authorization and/or authentication phases and then decide what to do with the request - direct the user to a standard HTML login page, or let them through