Hmm. You have a request_rec there. How about:
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Encountered FakeBasicAuth spoof: %s", username);
Providing the request means that you get more information in the error_log.
Duh. Thx,
Plz assume my +1 for APACHE_2_0_BRANCH is for the forthcoming rerror version :)
