+++ This bug was initially created as a clone of Bug #1331022 +++

Description of problem:

In mod_authn_anon, the Anonymous_LogEmail directive controls password logging for anonymous users. When enabled (by default), the password entered should be logged in the error log [0]. In reality, the password is never logged.

Version-Release number of selected component (if applicable):
httpd-2.2.15-45.el6.x86_64

Steps to Reproduce:
# mkdir /var/www/html/private
# cat > /etc/httpd/conf.d/httpd.conf <<EOF
<Directory "/var/www/html/private">
    AuthName "Use 'anonymous' & Email address for guest entry"
    AuthType Basic
    AuthBasicProvider file anon
    AuthUserFile "conf/passwd"

    Anonymous_NoUserID off
    Anonymous_MustGiveEmail on
    Anonymous_VerifyEmail on
    Anonymous_LogEmail on
    Anonymous anonymous guest www test welcome

    Require valid-user
</Directory>
EOF
# htpasswd -c -b /etc/httpd/conf/passwd myuser mypassword
# service httpd start
# curl -v -u anonymous:anonymous http://localhost/private/

Actual results:
/var/log/httpd/error_log does not contain 'anonymous'

Expected results:
/var/log/httpd/error_log should contain 'anonymous'


[0] https://httpd.apache.org/docs/2.2/mod/mod_authn_anon.html#anonymous_logemail