diff --git a/gracedb/ligoauth/middleware.py b/gracedb/ligoauth/middleware.py
index b5819044aec7592e1361d102a162ff45e9121bf7..b7156d6141e506c2f86eb7e06cb9a41df86b3009 100644
--- a/gracedb/ligoauth/middleware.py
+++ b/gracedb/ligoauth/middleware.py
@@ -47,8 +47,11 @@ class ShibbolethWebAuthMiddleware(PersistentRemoteUserMiddleware):
         # Get username from request headers
         username = request.META.get(self.user_header, None)
 
-        # If the header is blank or doesn't exist, return
-        if username is None:
+        # If the header is blank or doesn't exist, return. We also catch
+        # case where the username is '(null)', meaning the corresponding
+        # Apache environment variable was empty but it still put the value
+        # in the header (for some reason)
+        if (username is None or username == '(null)'):
             return
 
         # If shib headers are available and the user is already authenticated,