What you are experiencing is the normal behavior. Here is a (very) short description of how the authentication works:
- Request is sent to server (without credentials) => not authenticated (your first request)
- Server responds with 401 (Access denied)
- Browser gets error and sends credentials back => authenticated (your second request)
After the 3rd step, if the server has not received the requested credentials, it sends another 401 response and the browser displays the 401 error page. A more complete description can be found here.