I took your first example, changed $netloc, $realm, $username and $password and it worked in my tests.

One thing I do see is that if you manually set the Authorization header, as in your second example, it will send that header, and doesn't actually use the $realm set with $agent->credentials(), it works even with that line commented out. My guess with the available information would be that $realm is not correct. Perhaps you could try it with the two argument form of credentials? In my testing, an incorrect realm did not give me four attempts though, so that is a bit odd.

l8rZ,