Hello Christian, I've experimented by setting up a listener with `nc -nlvp 12345` and firing requests against localhost:12345
curl: GET / HTTP/1.1 Host: localhost:12345 Authorization: Basic bXl1c2VyOm15cGFzcw== User-Agent: curl/7.85.0 Accept: */* http-client: GET / HTTP/1.1 Host: localhost:12345 User-Agent: http-client/1.2 (CHICKEN Scheme HTTP-client) This confirms what you've seen. However, if you look at the documentation of `determine-username/password`, the following jumps at me: > The procedure in this parameter is called whenever the remote host > requests authentication via a 401 Unauthorized response. Since the listener does not request authentication, the procedure is never invoked. If you want to unconditionally set this header, pass it explicitly. Vasilij
signature.asc
Description: PGP signature