Inability to force https rewrite before password authentication

Hello All,

I have a strange problem here and was wondering if anyone had a solution.
I'm looking to perform a rewrite to https then require the user submit a
username and password. The idea behind this is that the username and
password are submitted encrypted rather than in plain text.

First off version information
Apache
Server version: Apache/1.3.26 (Unix)
Mod_SSL
2.8.9 (debian 2.8.9-2.1)

I looked at Ralf's presentation from apachecon2000 (ref
http://www.modssl.org/docs/apachecon2000/slide-021-n.html ) which does
have a recipie for what I am looking to accomplish. The only problem I
have is it doesn't seem to work for me. The password authentication
happens before the url redirection which isn't desireable in this case.

My configuration

/subdir">
Options Indexes FollowSymLinks
AllowOverride All
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.[0-9]+$
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/subdir/$1 [R,L]
SSLOptions +StrictRequire
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
Satisfy any
Order deny,allow
deny from all
allow from 192.168.1.0/255.255.255.0
AuthName "Restricted Access"
AuthType Basic
AuthUserFile /etc/apache/htpasswd
Require valid-user


Any ideas or suggestions on how I would overcome this obstacle, or reverse
the order of directive processing so the rewrite happens first?

Thanks

Chris

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org