I’ve been terribly frustrated with how Rails 3, SSL, and Devise play together lately.  We don’t have the “only SSL the login” requirement that this guy has, but I still like the way he figured out the SSL contraint + the later-matching redirect.

Well done.