2 files changed, 11 insertions, 0 deletions

diff --git a/Bugzilla/Auth/Login/WWW.pm b/Bugzilla/Auth/Login/WWW.pm
index 8b7724bef..cc3ae25e2 100644
--- a/Bugzilla/Auth/Login/WWW.pm
+++ b/Bugzilla/Auth/Login/WWW.pm
@@ -70,6 +70,11 @@ sub login {
     if ($userid) {
         $user = new Bugzilla::User($userid);
 
+        # Redirect to SSL if required
+        if (Param('sslbase') ne '' and Param('ssl') ne 'never') {
+            Bugzilla->cgi->require_https(Param('sslbase'));
+        }
+
         $user->set_flags('can_logout' => $class->can_logout);
 
         # Compat stuff
diff --git a/Bugzilla/Auth/Login/WWW/CGI.pm b/Bugzilla/Auth/Login/WWW/CGI.pm
index a66ce7425..10eb85f60 100644
--- a/Bugzilla/Auth/Login/WWW/CGI.pm
+++ b/Bugzilla/Auth/Login/WWW/CGI.pm
@@ -135,6 +135,12 @@ sub login {
     # No login details were given, but we require a login if the
     # page does
     if ($authres == AUTH_NODATA && $type == LOGIN_REQUIRED) {
+
+        # Redirect to SSL if required
+        if (Param('sslbase') ne '' and Param('ssl') ne 'never') {
+            $cgi->require_https(Param('sslbase'));
+        }
+    
         # Throw up the login page
 
         print Bugzilla->cgi->header();