diff --git a/modules/exploits/multi/http/tomcat_mgr_deploy.rb b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
index 90d62eac76..a583bbb073 100644
--- a/modules/exploits/multi/http/tomcat_mgr_deploy.rb
+++ b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
@@ -65,6 +65,8 @@ class Metasploit3 < Msf::Exploit::Remote
 
 		register_options(
 			[
+				OptString.new('USERNAME', [ false, 'The username to authenticate as' ]),
+				OptString.new('PASSWORD', [ false, 'The password for the specified username' ]),
 				OptString.new('PATH', [ true,  "The URI path of the manager app (/deploy and /undeploy will be used)", '/manager'])
 			], self.class)
 	end
@@ -72,6 +74,8 @@ class Metasploit3 < Msf::Exploit::Remote
 
 	def auto_target
 		print_status("Attempting to automatically select a target...")
+		datastore['BasicAuthUser'] = datastore['USERNAME']
+		datastore['BasicAuthPass'] = datastore['PASSWORD']
 
 		path = datastore['PATH'] + '/serverinfo'
 		res = send_request_raw(