diff --git a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/AuthenticatingHttpServlet.java b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/AuthenticatingHttpServlet.java
index 2dc512057..ae671c91e 100644
--- a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/AuthenticatingHttpServlet.java
+++ b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/AuthenticatingHttpServlet.java
@@ -91,15 +91,26 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
      */
     private AuthenticationProvider authProvider;
 
+    /**
+     * Whether HTTP authentication should be used (the "Authorization" header).
+     */
+    private boolean useHttpAuthentication;
+
     @Override
     public void init() throws ServletException {
 
-        // Get auth provider instance
+        // Parse Guacamole configuration
         try {
+
+            // Get auth provider instance
             authProvider = GuacamoleProperties.getRequiredProperty(BasicGuacamoleProperties.AUTH_PROVIDER);
+
+            // Enable HTTP auth, if requested
+            useHttpAuthentication = GuacamoleProperties.getProperty(BasicGuacamoleProperties.ENABLE_HTTP_AUTH, false);
+
         }
         catch (GuacamoleException e) {
-            logger.error("Error getting authentication provider from properties.", e);
+            logger.error("Error reading Guacamole configuration.", e);
             throw new ServletException(e);
         }
 
@@ -283,7 +294,7 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
                 String password = request.getParameter("password");
 
                 // If no username/password given, try Authorization header
-                if (username == null && password == null) {
+                if (useHttpAuthentication && username == null && password == null) {
 
                     String authorization = request.getHeader("Authorization");
                     if (authorization != null && authorization.startsWith("Basic ")) {
diff --git a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java
index 596c92997..386cd8852 100644
--- a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java
+++ b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java
@@ -22,6 +22,7 @@
 
 package org.glyptodon.guacamole.net.basic.properties;
 
+import org.glyptodon.guacamole.properties.BooleanGuacamoleProperty;
 import org.glyptodon.guacamole.properties.FileGuacamoleProperty;
 import org.glyptodon.guacamole.properties.LongGuacamoleProperty;
 
@@ -48,6 +49,18 @@ public class BasicGuacamoleProperties {
 
     };
 
+    /**
+     * Whether HTTP "Authorization" headers should be taken into account when
+     * authenticating the user. By default, "Authorization" headers are
+     * ignored.
+     */
+    public static final BooleanGuacamoleProperty ENABLE_HTTP_AUTH = new BooleanGuacamoleProperty() {
+
+        @Override
+        public String getName() { return "enable-http-auth"; }
+
+    };
+
     /**
      * The directory to search for authentication provider classes.
      */