Hmmm... I'll have to ponder that. My original plan had been to use my existing framework only, for the cgi bits, hand the processing off to a "CGI masquerade" module, rather than needing to also do a separate access / authentication that is also used for the CGI-ish bits.

I was thinking that there should be a way for me to run through mod_cgi directly from inside my handler rather than needing to let Apache do the mod_cgi processing. Also, I'd prefer to keep from exposing the .cgi scripts to the outside world.

What you suggest is definitely an interesting approach and I hadn't thought of doing it that way. I'll need to investigate a little bit in how to do the access/authentication as well as building an output filter.