shmem is right. Client authentication must be challenged by the server. But, and this is a big "but", I think that you can add an appropriate "Authorization:" header using lwp::request. It has the -H option that'll do that, and it has the -f option to force it through---"but" the server might not go for it. Give it a try. See: lwp::request