Using 0.7.6, running as a stand-alone web-server with
Apache operating as proxy on front-end.  Read about
REMOTE_USER and discovered it only works when run as a
cgi-bin.  Roundup makes no use of the Authorization
header passed to it when used stand-alone with an
authenticating Apache proxy.  The attached patch
extracts the username from the Authorization header and
passes it as REMOTE_USER.