Ah yes, a subtle nuance here.
When you set the Authentication.Username in the CONNECT, also set Authentication.IsAuthenticated equal to True.
This way, MWG will remember the Authentication.* properties inside the tunnel. If Authentication.IsAuthenticated is not set to True, then MWG will forget it for requests in the HTTPS tunnel.
Thanks, that was the small hint i needed