What authentication type is the application using? If it's basic HTTP authentication, then using http://user:pass@app.example.com should work (or the corresponding -u flag for curl). If it's NTLM, then you'd need to use --ntlm for curl.
If you want to monitor an app that only supports NTLM, it gets more complicated. With a default HTTP monitor, you're able to send a single static request and wait to see if the pool member responds. If that response contains a configurable static string the pool member gets marked up. With NTLM authentication, I think you'd need to send multiple requests to negotiate the authentication header value required to access the application. This page (
Click here) indicates there are three request/responses required.
If you really need to authenticate with a monitor to check the app, you might be able to write/find a client which can do this and then reference it with an external monitor.
Else, if you just want to check if the service is up and responding, you could send a standard HTTP request and look for 401 in the response (receive string).
Aaron