From this site,
Currenct Sblim CIM client CIM call get response code will use WWW-Authenticate, and in this way (refer to following link for more detail),
1. The client requests a page that requires authentication but does not provide a user name and password; typically this is because the user simply entered the address or followed a link to the page
2. The server responds with the 401 ("Unauthorized") response code, including the required authentication scheme and the authentication realm
3. At this point, the client will present the authentication realm (typically a description of the computer or system being accessed) to the user and prompt for a user name and password; the user has the option to cancel at this point
4. Once the user has supplied a user name and password, the client adds an Authorization header (with value base64encode(username+":"+password)) to the original request and re-sends it
But we do not have step #3, so we can avoid step #1, in this way we can avoid acces denied error in good path.