I have users who's password has expired, but still has 6 grace logins.
BM SSL won't let them in at all until they change the password. Is there
a work around for this? Is the way it's supposed to work?

Can we code it so that it will prompt them via the ssl page?