Our camp has been using Tomcat 3.1 in the past. Recently, we have been trying to migrate to Tomcat 3.3m4. It seems that in the past, if we use Apache basic authentication, and forwarded the request via Ajp12 to tomcat, the HttpServletRequest.getUserPrincipal().getName() returned the authenticated user. Now, using the same code, getUserPrincipal() returns null, however, HttpServletRequest.getRemoteUser() returns the authenticated username. Can anyone explain to me the difference between these two methods, and which one we can reliable count on? Thanks, Bryan
