Rails 3.1.1 and ssl

Rails 3.1.1 makes it super easy to force ssl communication in production
by setting the following flag in the config/environments/production.rb

  # Force all access to the app over SSL, use Strict-Transport-Security,
and use secure cookies.
  config.force_ssl = true

I want to only require https (or ssl) for a few selected screens, e.g.
login, change_password etc.

Is there an easy way for doing that?


Most likely, you should require https for the entire app anyway: