|Realm||A name of the protected space on the server; a server can have multiple such spaces, each with a distinct name and authentication mechanisms.|
Basic Authentication is defined in RFC2617. It can be used to authenticate against the origin server after receiving a
401 Unauthorized as well as against a proxy server after a
407 (Proxy Authentication Required). In the (decoded) credentials, the password starts after the first colon. Therefore the username cannot contain a colon, but the password can.