If you would like to do the authentification in Java application running on Oracle WebLogic, you will probably wonder why the Authentification-Header does not reach the Filter.
By default, weblogic intercepts the request and forwards only validated Authentification-Headers.
If you would like to bypass this check and implement the full logic in your application, then you have to modify the following file
user_projects/domains/YOURDOMAIN/config/config.xml
Insert the following snippet in the <security-configuration> section:
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
Source: Coderanch