Using a stock install of xwiki with the authenticator plugin installed, everything worked. I then updated tomcat to have an SSL connector. At this point logs indicate the provided username is null.
Tomcat has been configured to redirect all requests over HTTP to HTTPS. If the redirect is disabled, authentication over SSL still fails with null user. This leads me to think that something about how the form/info is received when sent over SSL is blocking this from working.