Just to add another piece I picked up, there is no domain in the header. The server we talk to is not a readable standard apache afaik either, I found the realm information deep in a binary on the target server. Other browsers are however able to authenticate, so something wierd...

Or, I could copy the page want, modify it to remove the data I dont want and place it outside the password area, it seems like a kind of javascript HTML page processed on the request (references to JDB inside), that is however the way I least want to go in terms of security and Perl should be able to do this(maybe it's I who dont get it...)