I've got a url that displays a 301 (permanently moved), and then
redirects to a password protected page. I would expect that the
redirection would be completely transparent to the libcurl client, but
that doesn't seem to be the case; the following code only works without
redirection:

$curl = curl_init("https://example.com/page.php");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
//curl_setopt($curl, CURLOPT_HEADER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_USERPWD, "test:test");
$result = curl_exec($curl);

$code = curl_getinfo ($curl, CURLINFO_HTTP_CODE);
print "http code: $code\n";
print "result: $result\n";

Under normal circumstances, the http code that's returned is a 200
(successful). However, when the page it tries to access is a redirect,
one of two things happens. If FOLLOWLOCATION is not set, then it
returns a 301 (moved permanently). This seem to be proper behavior. If
FOLLOWLOCATION is set, however, a 401 (auth error) is returned. This
implies that the username/password combination is sent to the redirect
page, and is no longer available for the page that has been redirected
to. This is w/ php-4.0.6 and libcurl 7.9.1. Is there any way to make
this work?

(Sorry for any incoherency, it's 4:30 am; also, please CC me on any
replies, since I'm not subscribed to the list)

-- 
"I think a lot of the basis of the open source movement comes from
  procrastinating students..."
	-- Andrew Tridgell <http://www.linux-mag.com/2001-07/tridgell_04.html>