How secure is secure? Did you reject http authentication because it was in plain text?

If so, you may want to look at Digest access authentication which works in a similar manner, but is much more secure. It is supported by most modern browsers, (although you need to workaround a bug in IE when using query strings).

I'm not sure if there is a ready-made module for doing this, but you can certainly repurpose one of Digest modules.

clint