OK, I found the answer
String authorization = request().getHeader(AUTHORIZATION);
The authorization header contains the username:password in a base64 encoded form.
AUTHORIZATION = "Basic oa76dfexvdd3=="
here, if you decode oa76dfexvdd3==
, you will get something like "myusr:mypwd", which you can then use for the authentication.