Uh, is this going to get committed?
The Zope/Python XML-RPC people are fixing a similar defect in their
XML-RPC implementation; it would be good if Apache followed suit.
http://lists.zope.org/pipermail/zope-dev/2002-August/017126.html
http://lists.zope.org/pipermail/zope-dev/2002-August/0
XmlRpc.java does not provide adequate support to implement HTTP Basic
Authentication. WebServer.java implements it incorrectly. This patch
fixes both problems.
If an HTTP request requires authentication, the server MUST return a
401 Unauthorized:
http://www.w3.org/Protocols/rfc2616/rfc2616-se
