Ok, so this command example is in the documentation under basic authentication (http://web2py.com/book/default/chapter/08#Access- Control-and-Basic-Authentication):
wget --user=[username] --password=[password] http://.../[app]/[controller]/give_me_time but this command won't work with basic authentication in web2py, as web2py doesn't throw a 401 when the Authentication header is missing, but a 403 (at least with the current version of wget). In order for wget to work properly with basic authentication, one must do wget --user=[username] --password=[password] --auth-no-challenge http://.../[app]/[controller]/give_me_time The documentation on wget's --auth-no-challenge flag is as follows: ‘--auth-no-challenge’ If this option is given, Wget will send Basic HTTP authentication information (plaintext username and password) for all requests, just like Wget 1.10.2 and prior did by default. Use of this option is not recommended, and is intended only to support some few obscure servers, which never send HTTP authentication challenges, but accept unsolicited auth info, say, in addition to form- based authentication. So my question is: Is there a way to get web2py to handle these requests properly (return a 401 status code to prompt the client to resend with credentials)? (on a related note, it seems requests using urllib2 run into a similar problem: http://stackoverflow.com/questions/2407126/python-urllib2-basic-auth-problem/2955687#2955687)