diff --git a/ChangeLog b/ChangeLog
index e838076f7..a121f9560 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2008-05-12  Badlop  <badlop@process-one.net>
+
+	* src/web/ejabberd_http.erl (parse_auth): Allow password that
+	include colon character (EJAB-522)
+
 2008-04-30  Christophe Romain <christophe.romain@process-one.net>
 
 	* src/mod_caps.erl: XEP-0115 patch (EJAB-618)
diff --git a/src/web/ejabberd_http.erl b/src/web/ejabberd_http.erl
index 5c14a287b..a53910803 100644
--- a/src/web/ejabberd_http.erl
+++ b/src/web/ejabberd_http.erl
@@ -635,11 +635,14 @@ parse_auth(_Orig = "Basic " ++ Auth64) ->
 	{error, _Err} ->
 	    undefined;
 	Auth ->
-	    case string:tokens(Auth, ":") of
-		[User, Pass] ->
-		    {User, Pass};
-		_ ->
-		    undefined
+	    %% Auth should be a string with the format: user@server:password
+	    %% Note that password can contain additional characters '@' and ':'
+	    case string:chr(Auth, $:) of
+		0 ->
+		    undefined;
+		SplitIndex ->
+		    {User, [$: | Pass]} = lists:split(SplitIndex-1, Auth),
+		    {User, Pass}
 	    end
     end;
 parse_auth(_) ->