Hi, I posted this question first on tomcat-users, but with no responses. I'm hoping one of you guys will be able to answer this question. I have been using Tomcat 3.1 in the past, and have been using the getUserPrincipal().getName() method to determine who has logged in. I was using apache basic authentication, then using the mod_jserv connector to forward requests to tomcat. I have now installed Tomcat 3.3m4, and am using mod_jk. However, it now appears that getUserPrincipal() returns null (while getRemoteUser() still works). Is there a way I can get the getUserPrincipal() method to return a valid Principal object based on the Rmote User? I poked around a bit in the source code, and it looks like the code that used to set the principal user has been removed (it used to set it based on the remote user). I'm guessing that know it is the responsibility of an interceptor to set the user principal, but is there any easy way to do this? Any help would be appreciated. Thanks, Bryan