diff --git a/nodes/core/io/21-httpin.js b/nodes/core/io/21-httpin.js
index 8b8493bf4..8518c196f 100644
--- a/nodes/core/io/21-httpin.js
+++ b/nodes/core/io/21-httpin.js
@@ -76,6 +76,14 @@ module.exports = function(RED) {
                 RED.httpNode.options(this.url,corsHandler);
             }
 
+            var httpMiddleware = function(req,res,next) { next(); }
+            
+            if (RED.settings.httpNodeMiddleware) {
+                if (typeof RED.settings.httpNodeMiddleware === "function") {
+                    httpMiddleware = RED.settings.httpNodeMiddleware;
+                }
+            }
+            
             var metricsHandler = function(req,res,next) { next(); }
 
             if (this.metric()) {
@@ -97,13 +105,13 @@ module.exports = function(RED) {
             }
 
             if (this.method == "get") {
-                RED.httpNode.get(this.url,corsHandler,metricsHandler,this.callback,this.errorHandler);
+                RED.httpNode.get(this.url,httpMiddleware,corsHandler,metricsHandler,this.callback,this.errorHandler);
             } else if (this.method == "post") {
-                RED.httpNode.post(this.url,corsHandler,metricsHandler,jsonParser,urlencParser,rawBodyParser,this.callback,this.errorHandler);
+                RED.httpNode.post(this.url,httpMiddleware,corsHandler,metricsHandler,jsonParser,urlencParser,rawBodyParser,this.callback,this.errorHandler);
             } else if (this.method == "put") {
-                RED.httpNode.put(this.url,corsHandler,metricsHandler,jsonParser,urlencParser,rawBodyParser,this.callback,this.errorHandler);
+                RED.httpNode.put(this.url,httpMiddleware,corsHandler,metricsHandler,jsonParser,urlencParser,rawBodyParser,this.callback,this.errorHandler);
             } else if (this.method == "delete") {
-                RED.httpNode.delete(this.url,corsHandler,metricsHandler,jsonParser,urlencParser,rawBodyParser,this.callback,this.errorHandler);
+                RED.httpNode.delete(this.url,httpMiddleware,corsHandler,metricsHandler,jsonParser,urlencParser,rawBodyParser,this.callback,this.errorHandler);
             }
 
             this.on("close",function() {
diff --git a/settings.js b/settings.js
index 802c44d5a..89f5eee0a 100644
--- a/settings.js
+++ b/settings.js
@@ -125,6 +125,15 @@ module.exports = {
     // http request node.
     //httpNodeProxy : { host:"myproxy.acme.com", port:8080 },
 
+    // The following property can be used to add a custom middleware function
+    // in front of all http in nodes. This allows custom authentication to be
+    // applied to all http in nodes, or any other sort of common request processing.
+    //httpNodeMiddleware: function(req,res,next) {
+    //   // Handle/reject the request, or pass it on to the http in node
+    //   // by calling next();
+    //   next();
+    //},
+    
     // Anything in this hash is globally available to all functions.
     // It is accessed as context.global.
     // eg: