Note that I don't think the bug you cited actually
applies to me
because SPNEGO occurs with every request. Meaning we don't really need
to know if the user has already authenticated.
Ah, didn't realize that. Yeah, the bug doesn't apply to you then.
Overall I have to say I'm a little worried about
all the magical
things that need to occur to get non-username/password authentication
working. It's fine once you get it working but the extensions are a
little fragile in the face of changes like the UserLoadFromSession
one. I get the feeling non-username/password based authentication is
not a principal design feature. That's a shame.
I agree, and it is something I think I'll try to rectify. I've said a
number of times in the past that I'd try to fix this and haven't had
time, but I've actually been looking at and working on it recently.
PS: I see now that SVN has a much more current version
of your LDAP
extension. I'll make sure to look at SVN from now on.
Yeah, what is in SVN is usually what is at
mediawiki.org, but I've been
updating the extension recently and am about to do a release. There are
a few more outstanding todos left before I do so. Should be a really
good release though ;).
V/r,
Ryan Lane