Environment
Apache 2.2.13 connect to Tomcat 5.5 with mod_jk (ajp13). Apache requires basic-auth for "/" i.e. for all URLs it serves.
Problem
Once the request arrives at my app in Tomcat (it's a Servlet filter) request.getUserPrincipal() returns null. Apache, however, did authenticate the request. I did enter user/password in the browser's dialog.
Any ideas?
After hours I finally found the culprit. As so often, a single flag makes all the difference.
In server.xml the AJP/1.3 connector must be configured with tomcatAuthentication="false". An explanation of this parameter can be found here (scroll to bottom): http://tomcat.apache.org/tomcat-5.5-doc/config/ajp.html.
The following threads helped quite a bit: mail-archive.com/users@tomcat.apache.org/msg55080.html.