Invalid 'Authorization' header

We have configured search guard with AD authentication. It works, but for users with colon symbol auth doesn’t work with the following WARN:

[WARN ][com.floragunn.searchguard.authentication.http.basic.HTTPBasicAuthenticator] Invalid ‘Authorization’ header, send 401 and ‘WWW-Authenticate Basic’

The problem is in this part of

if (decodedBasicHeaderParts.length != 2 || decodedBasicHeaderParts[1] == null)


When password contains colon (“:”), decoded phrase include more than 2 parts and auth attempt throws an exception.