# File wfo/auth.rb, line 120
  def Auth.http_basic_auth_handler(webclient, response)
    uri = response.uri
    unless response.code == '401' &&
           response['www-authenticate'] &&
           response['www-authenticate'] =~ /\A\s*#{Pat::HTTP_Challenge}s*\z/n
      return nil
    end
    auth_scheme = $1
    rest = $2
    params = []
    while /\A#{Pat::HTTP_AuthParam}(?:(?:\s*,\s*)|\s*\z)/ =~ rest
      rest = $'
      k = $1
      v = $3 ? $3.gsub(/\\([\000-\377])/) { $1 } : $2
      params << [k, v]
    end
    return nil if /\Abasic\z/i !~ auth_scheme
    return nil if params.length != 1
    k, v = params[0]
    return nil if /\Arealm\z/i !~ k
    realm = v
    protection_domain = KeyRing.http_protection_domain(uri, 'basic', realm)
    canonical_root_url = protection_domain[0]
    KeyRing.with_authinfo(protection_domain) {|username, password|
      user_pass = "#{username}:#{password}"
      credential = [user_pass].pack("m")
      KeyRing.vanish!(user_pass)
      credential.gsub!(/\s+/, '')
      path_pat = /\A#{uri.path.sub(%r{[^/]*\z}, '')}/
      webclient.add_basic_credential(canonical_root_url, realm, path_pat, credential)
    }
    webclient.make_request_basic_authenticated(response.request) # xxx: update req destructively.
    return response.request
  end