should the 401 response also offer a basic auth option if that module is also enabled for a given location block? is there a way for one module to read another's config to detect the overlap? or is this a module-loading-order issue (c.f., the way the fancy_index module inserts itself before the built-in autoindex module in its HTTP_MODULES config var)?
This can be done using the nginx satisfy directive. See atomx#10