Hi Justin,
So I guess my question is, should there be any inherent problems with trying to assign the username using wiki's external authentication from a cookie, as opposed to REMOTE_USER or LDAP, etc?
On deployment for which I wrote this code we really use domain-wide cookie instead of REMOTE_USER. Just make sure that user can't provide invalid cookies.
Domas