--- ResponseHandler.pm.orig	2009-10-09 10:27:31.000000000 +0200
+++ ResponseHandler.pm	2009-10-09 10:29:18.000000000 +0200
@@ -759,10 +759,18 @@
 	my $app = get_app($log, $session{site}, $dbh, $session{iface});
 
 	if (!$sso_session->{$app->{auth}} and $app->{auth_type} != SSL and $r->unparsed_uri =~ /vulture_app/) {
+	    if ($session{proto}) {
 		$r->status(200);
 		$r->content_type('text/html');
 		$r->print(auth_form($r, $app, $dbh, $id, 1, $session_referer{_session_id}));
-		return Apache2::Const::OK;
+	    }
+	    else {
+		$r->status(200);
+		$r->content_type('text/html');
+		$r->headers_out->add('Set-Cookie' => "vulture_app=$id; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=".$r->hostname);
+		$r->print(get_redirect("/"));
+	    }
+	    return Apache2::Const::OK;
 	}
 
 	if ($id_portail = param('Vulture_portail')) {