The HTTP Digest authentication will raise an exception, and return a
500, if the client fails to include a nonce key/value in the
Authorization header value. Rather than raise an exception it should
simply return 401.
This also happens if the client specifies Basic authentication
credentials. Again, it should return 401 rather than 500.