[00:13:50] <taylan>	 hmm, ok.  my problem: I'm using the ldap plugin with LowerCaseUsername set to false.  this way, auto-created users get the correct casing (same as in ldap) *if* the name was also entered with the correct casing in the login form...
[00:14:28] <taylan>	 if however I enter the name with a different casing in the login form, say Testuser instead of TestUser (where the ldap user is TestUser), then the wiki creates an additional user called Testuser :\
[00:15:23] <taylan>	 that's clearly buggy behavior.  I'd expect one of these two outcomes: 1) the wiki says "no such user" because ldap has TestUser not Testuser, or 2) the wiki logs in with TestUser although Testuser was entered.
[00:29:14] <Ursula>	 taylan: I think the LDAP extension does some normalization these days?
[00:33:02] <taylan>	 Ursula: it can make the username lowercase, but I would like to preserve the original casing that I have in my ldap store
[00:33:16] <Trela>	 I fixed that issue for the authentication extension that I wrote.  It contacts the remote authentication API that then returns the normalized and properly cased username back so that the extension can suggest the correct user to the AuthManager class.
[00:33:34] <taylan>	 Trela: where can i find this?
[00:33:42] <Trela>	 If you do not have the option of contacting the remote API for normalization then you would have to have it happen locally.
[00:33:57] <taylan>	 oh you mean not for ldap but another api?
[00:34:10] <Trela>	 Right, for a custom internal external authentication server.
[00:34:14] <taylan>	 I see
[00:34:40] <Trela>	 I ran into the same issue so we had to work around it by having the remote API return the properly cased user name.
[00:34:57] <Ursula>	 taylan: Because the names are ugly or?
[00:35:19] <taylan>	 Ursula: even uglier when only the first letter is capitalized :P
[00:35:36] <Ursula>	 LDAP is usually used in corporate environments.
[00:35:41] <Ursula>	 Where ugly is the standard. :P
[00:36:00] <Ursula>	 User names are a mess in MediaWiki.
[00:36:37] <taylan>	 they also don't accept underscore, right?
[00:37:00] <Trela>	 You can flub underscores in usernames as long as they do not appear at the beginning or the end of the name.
[00:38:01] <Ursula>	 Yeah, page titles are Page_title, but user names are "User name".
[00:38:03] <taylan>	 hmm.  the other day a user with an underscore in their name couldn't log in and I had to rename them in ldap to remove the underscore.  didn't have the time to investigate...
[00:38:09] <Ursula>	 But underscore normalization rules apply to both, I think.
[00:38:16] <Ursula>	 So consecutive underscores get collapsed into one.
[00:38:29] <Ursula>	 And underscores before or after get stripped, as Trela says.
[00:38:48] <Ursula>	 It's all goofy and dumb.
[00:38:56] <taylan>	 yeah
[00:39:04] <Ursula>	 Names are also case sensitive outside the first letter.
[00:39:07] <Trela>	 I handle underscores by converting them to spaces and then back when going to and from the remote API.
[00:39:21] <Ursula>	 But then wikis realized that was idiotic, so there's a separate extension called AntiSpoof that tries to prevent the most egregious cases.
[00:39:29] <taylan>	 I think I'll just ban underscores in usernames :P
[00:39:43] <Ursula>	 Since like "AB" and "Ab" being different users is confusing and bad.
[00:39:48] <taylan>	 CamelCase is superior anyway
[00:40:28] <taylan>	 oh well, I'll see how I can fetch the commonName from ldap and use that for the auto-created user and such
[00:40:43] <Ursula>	 The entire LDAP extension is a single file, last I looked.
[00:40:49] <taylan>	 Trela: once I fetch that, how do I pass it as the name to use?  what method should I be looking at?
[00:40:51] <Trela>	 Underscores at the beginning and end of names was so bad with the system I was working with(Lots of edgy teenagers) that I had to get the user name policy changed to ban them.
[00:41:04] <taylan>	 haha
[00:41:15] <Trela>	 taylan: That should be documented in the AuthManager classes.
[00:41:17] <Ursula>	 You should be able to follow the control flow just by reading through the PHP file.
[00:41:25] <Ursula>	 Oh, maybe it's been rewritten to be more complex. :-)
[00:41:30] <Trela>	 What version of MediaWiki are you using?
[00:41:34] <taylan>	 latest
[00:44:00] <Trela>	 Honestly I am not sure I can just explain how to do this over IRC.  It took a month of writing and rewriting to understand the new AuthManager class to get it working 100% perfect.
[00:44:35] <Trela>	 AbstractPrimaryAuthenticationProvider and the classes that extend it is where I would start.
[00:45:06] <taylan>	 ok, thanks ^^
[01:52:06] <taylan>	 *sigh*  I think mediawiki is a bit over-zealous with its caching.  a user that appears in the user list can't be renamed or merged/deleted; it gives me "user does not exist" errors.
[01:52:20] <taylan>	 probably because I just merged/deleted a user that had the same name but with different casing -_-
[02:11:38] <taylan>	 all the caching glitches be damned.  in the end, I just needed to make the ldap auth extension use "search-based bind" instead of "straight bind".  when configured that way it fetches the correct name.  totally trivial, but cost me hours of pondering what I'm doing wrong due to all the caching problems.
[02:11:56] <taylan>	 anyway, all works now ^^