I presume this fixes #31418? Your patch makes sense to me. I could argue that it could even be done *before* the SSLRequire checking, such that the "username" is logged appropriately even if an SSLRequire triggers a 403, but I doubt that matters much.
Thanks for looking at this!
