Security Leak?

["Wang, Pin-Chieh" <Pi...@COMPAQ.com>]

I recently installed apache 1.3.12 on Linux 6.1 with NIS+ Authentication,
By reviewing the access_log file, that I noticed the user names were logged
as the 3rd field of the access record. But I also noticed when there is a
scheduled process (from NT accessing the web page the user name is
blank.(-).
Apparent there is no way the process can answer password, if Apache does not
know who the requestor is, why apache still grant the access? can this cause
security leak? or I am missing something?
Appreciated if some one can give some directions?
Thanks,
PC Wang