Your suggestion will send the username and password as clear text. What I would like to do is, when the server has replied with 401 (unauthorized), the username and password is base64 encoded, and added to the header (Authorization). I have tried adding this to the ajax call:
beforeSend: function (xhr){
xhr.setRequestHeader('Authorization', make_base_auth("slp", "12"));
},
Where the make_base_auth looks like this
function make_base_auth(user, password) {
var tok = user + ':' + password;
var hash = btoa(tok);
return "Basic " + hash;
}
And it adds it correctly to the header, but the browser (I assume) removes it before sending, and uses its own login form instead.
I therefore was hoping that the username & password in the ajax call were intended for basic authentication, and I could use that instead.