Problem

Does the HTTP Basic filter support having multiple, comma-separated authentication tokens in the Authorization filter?

Resolution

Yes. For example, when a header like this is presented to the HTTP Basic filter:

Authorization: Basic dGVzdDp0ZXN0, Bearer bearer_token

Then the HTTP Basic filter will authenticate the base64 test:test credentials in the HTTP basic authentication and ignore the bearer token value. The bearer token could then be validated by some other means after the Basic authentication succeeds.