Github user spmallette commented on the issue:
https://github.com/apache/tinkerpop/pull/889
you need to send a `sasl` key with the `saslMechanism` otherwise the
message doesn't validate and you end up with an UNAUTHORIZED. Note the sending
of the `NULL_CHALLENGE`---
