I was playing with the Brazil Framework, a fairly lightweight HTTP stack. It is useful for piecing together HTTP servers. For example, one can serve up static content protected by HTTP basic authentication by chaining to built-in handlers together. Brazil is configured using a Java properties file, eg:
auth.realm=Test Content Realm
auth.message=You are not authorized!
Brazil would be invoked from the command line using this configuration thus:
java -jar brazil.jar -config myconfig.conf
For completeness, auth.mapfile contains a mapping of HTTP basic authentication strings (in Base64) to 'session identifiers' (which are more like user identifiers), eg:
which encodes me/myself as a user/password pair, mapped to someuser.