With this module and Secure Login installed we are able to redirect all auth users to the SSL version of our site. We are olso using ubercart which is writing to session cart orders until user logs in and then merge the cart of anonymous user with the logged in user.
If we don't redirect Add to cart form to the SSL the user will have a session that is set on the insecure site, so after he logs in the cart is not merged because session was set on insecure site.
if we redirect Add to cart form to SSL and the user adds some products in cart but then leave the site and then return to insecure site the cart is empty which is confusing for the user.
Solution we thought of is or to set AUTH SSL on hook_boot not on user log in but on check if a session is set or to set another cookie something like SESSSSL.
What you think about this? We can also make a patch for this functionality if you find it useful. Thank you for this great module!