REMOTE_USER "script is protected"?

[Phenix]

I have a form on an html page that is protected under htaccess. When I submit the form, I see the environment variables showing
GATEWAY_INTERFACE = CGI/1.1
but I do not see an entry for REMOTE_USER.

At http://hoohoo.ncsa.uiuc.edu/cgi/interface.html
it says "This is the specification for CGI version 1.1, or CGI/1.1" and the link at http://hoohoo.ncsa.uiuc.edu/cgi/env.html
says

The following environment variables are specific to the request being fulfilled by the gateway program:

REMOTE_USER
If the server supports user authentication, and the script is protected, this is the username they have authenticated as.

The script that processes the form (simply showing the environment variables), is in a path that is not protected by htaccess (i.e. /cgi-bin/). I cannot run perl scripts outside of the cgi-bin path.

Am I really supposed to protect the script?
It seems to me that since the html page is already protected by htaccess, the REMOTE_USER should be set and passed to the perl script that resides in the cgi-bin. But I am doing this already so I must be missing something. Plus I could ask for a different username to authenticate for the cgi-bin directory or one of its subdirectories.