Note that I don't think the bug you cited actually applies to me because SPNEGO occurs with every request. Meaning we don't really need to know if the user has already authenticated.
Ah, didn't realize that. Yeah, the bug doesn't apply to you then.
Overall I have to say I'm a little worried about all the magical things that need to occur to get non-username/password authentication working. It's fine once you get it working but the extensions are a little fragile in the face of changes like the UserLoadFromSession one. I get the feeling non-username/password based authentication is not a principal design feature. That's a shame.
I agree, and it is something I think I'll try to rectify. I've said a number of times in the past that I'd try to fix this and haven't had time, but I've actually been looking at and working on it recently.
PS: I see now that SVN has a much more current version of your LDAP extension. I'll make sure to look at SVN from now on.
Yeah, what is in SVN is usually what is at mediawiki.org, but I've been updating the extension recently and am about to do a release. There are a few more outstanding todos left before I do so. Should be a really good release though ;).
V/r,
Ryan Lane