As you probably noticed PHP in Google Application Engine does not provide the variables $_SERVER[‘PHP_AUTH_USER’] and $_SERVER[‘PHP_AUTH_PW’]. You can perform basic authentication anyway using the variable $_SERVER[‘HTTP_AUTHORIZATION’]

PHP code to parse HTTP authorization header looks the following way:

if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
 $nobasic = substr($_SERVER['HTTP_AUTHORIZATION'],6); // removing 'Basic ' from the string
 $decoded = base64_decode($nobasic); // decoding string with user:password
 list($client_user, $client_pass) = explode(':',$decoded);
 if ($client_user == "username" && $client_pass == "password") {
   // Successfully authenticated
 } else {
   // Authentication failed, username or password are wrong
 }
} else {
 // Not authenticated as there is no appropriate header in HTTP request
}

You can check if your authentication is working sending appropriate header in HTTP request, check here to get the information how to form the header