Yep, I'm totally broken on this one too. Need help fast.
The problem is solved. You only have to read the new documation "Customizing the vSphere Client" for vSphere 4.1. At page 7 you find the new element supportNonSecureCommunication in the XML files. You only have to insert
<supportNonSecureCommunication>true</supportNonSecureCommunication> and everything is fine again
supportNonSecureCommunication Optional. For non‐secure HTTP connections between the vSphere Client and and the plug‐in Web server that is identified by the url element of an extension element. See the description of the url element below. When the vSphere Client establishes a secure connection to a plug‐in Web server, the Client will pass sessionId and webServicesSessionId values in the HTTPS request. If the extension element specifies a standard HTTP connection, by default the vSphere Client does not pass the session identifiers to the plug‐in server. To include session identifiers in a standard HTTP request, use the following statement in your configuration file. <supportNonSecureCommunication>true</supportNonSecureCommunication>
So the correct answer to my question is: RTFM