On Sat, 22 Nov 2014, Darshit Shah wrote:
Multiple challenges in a single header are allowed. I had to hack a workaround in the Test suite explicitly to support this behaviour.
Going down this route, you might enjoy this: http://greenbytes.de/tech/tc/httpauth/
-- / daniel.haxx.se