Custom Perl Apache Authentication Page

         

tomearly

11:12 am on Jan 21, 2009 (gmt 0)

10+ Year Member



Hi,

I would like to set up a customised Perl login page (as a corporate front end) to provide Apache authentication for several virtual hosts.

I have set up the following in /etc/apache2/sites-available/default, but I keep getting a popup login dialog instead of my custom page. Any ideas on what I might be doing wrong?

Many Thanks,

Tom

AddExternalAuth test "/usr/lib/cgi-bin/test.pl"
SetExternalAuthMethod test pipe

<Directory "/var/www/test1">
AllowOverride AuthConfig
AuthType basic
AuthName "Intranet Authentication"
AuthExternal test
require valid-user
AuthUserFile /dev/null
</Directory>

janharders

12:20 pm on Jan 21, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



ehm, http authentication is a client-side-thing, e.g. you can just write the provider in perl and check whether the data the client submits is correct, but you can't tell the client what the form should look like.
the content you send in your auth provider should be shown to the user after he tried to login 3 times, if I recall the rfc correctly.

I don't think you can work with http auth if a custom login page is required. you could go for a session based authentication, though.
Say you're setting a PerlTransHandler that checks whether a cookie is provided and whether the session is valid. If so, he does nothing else and lets the usual response handler do its work.
if the session is not valid or no session has been sent by the client, the handler sets a build_login_form() subroutine as the PerlResponseHandler / PerlHandler and sets the Response-phase-handler to perl-script, thus overwriting the original response handler that'd jump on the request.
just be cautious _not_ to use CGI.pm with just calling ->new(), because it will read POST-data in your transport handler and you won't get any in the response-phase and wonder why.
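
A sketch of the session check described in the post above, written for mod_perl 2; it is an added example, not code from any poster in this thread. The module name My::SessionGate, the SessionKey variable, the /login endpoint and the cookie layout are all assumptions made for illustration.

```perl
package My::SessionGate;    # hypothetical module name
# httpd.conf, server/vhost level: PerlSetVar SessionKey <random secret>
#                                 PerlTransHandler My::SessionGate
use strict;
use warnings;
use Apache2::RequestRec  ();
use Apache2::RequestUtil ();
use Apache2::RequestIO   ();
use APR::Table           ();
use Apache2::Const -compile => qw(OK DECLINED);
use Digest::SHA qw(hmac_sha256_hex);

# Constant-time string comparison so the MAC check does not leak timing.
sub _ct_eq {
    my ($x, $y) = @_;
    return 0 unless length($x) == length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}
# Assumed cookie: session=<user>:<expiry epoch>:<hex HMAC-SHA256 of "user:expiry">
sub session_valid {
    my ($cookies, $key, $now) = @_;
    my ($user, $exp, $mac) = ($cookies // '') =~
        /(?:^|;\s*)session=([\w.-]+):(\d+):([0-9a-f]{64})(?:;|$)/ or return 0;
    return 0 if $exp <= $now;    # expired sessions are rejected before the MAC check
    return _ct_eq($mac, hmac_sha256_hex("$user:$exp", $key));
}
sub handler {    # runs in the URI translation phase
    my $r = shift;
    my $key = $r->dir_config('SessionKey') or die "SessionKey not configured";
    # /login (hypothetical) verifies the posted credentials and issues the cookie.
    return Apache2::Const::DECLINED if $r->uri eq '/login';
    return Apache2::Const::DECLINED
        if session_valid($r->headers_in->get('Cookie'), $key, time);
    # No valid session: swap in the login form as the response handler.
    $r->handler('modperl');
    $r->set_handlers(PerlResponseHandler => \&login_form);
    return Apache2::Const::DECLINED;
}
sub login_form {
    my $r = shift;
    $r->content_type('text/html; charset=utf-8');
    $r->headers_out->set('Cache-Control' => 'no-store');
    $r->print('<form method="post" action="/login">User <input name="user"> '
        . 'Password <input type="password" name="pass"><input type="submit"></form>');
    return Apache2::Const::OK;
}
1;
```

The handler only reads the Cookie request header, so the POST body is left untouched for the response phase. The /login handler that issues the cookie should set it with the Secure and HttpOnly attributes.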

phranque

1:52 pm on Jan 21, 2009 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



for detailed information here is the specification for HTTP Authentication:
[ietf.org...]

practically speaking, this is what typically happens.
- the user agent requests a resource
- from rfc2617:

If a server receives a request for an access-protected object, and an acceptable Authorization header is not sent, the server responds with a "401 Unauthorized" status code, and a WWW-Authenticate header

- the user agent provides a method of collecting a user name and password and makes another request but this time includes an Authorization HTTP Request header.

tomearly

2:05 pm on Jan 21, 2009 (gmt 0)

10+ Year Member



Ok, so how do I get Apache to use my custom page to let Apache know the user is authenticated?

phranque

2:13 pm on Jan 21, 2009 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



as jh mentioned above, only the user agent/client/browser can provide the user interface for basic authentication.
it's a trust issue.