Basic Authentication can be a bit tricky especially when relying on the automated implementation

Basic Auth works in 2 different modes

Direct Authentication
the authentication header is set manually and sent all the time with the request

Challenge Response Model
the automated implementation or the way the browser works is with the challenge response model. The way this works is that the first request to the server does not send authentication information at all. The server then responds with a 401 (not authorized) response which causes the client to resend the request with the authentication information.

so if you are using the challenge/response model and your server doesnt respond with a 401 the client will never send the authentication information

to work around this issue you can just set the authentication headers manually

to debug you can use Fiddler or Wireshark. Fiddler is easier to use and plenty for all http communication. Wireshark is more complex but can look at a lot more than fiddler