--- /dev/null
+commit 2999147ffd889d4f6523c905f8e5d2013c28f8a0
+Author: Dobrica Pavlinusic <dpavlin@rot13.org>
+Date: Thu Jun 23 20:21:20 2011 +0200
+
+ take SAML username from REMOTE_USER, but ignore _everyone
+
+diff --git a/C4/Auth.pm b/C4/Auth.pm
+index e9c0586..b99ddfc 100644
+--- a/C4/Auth.pm
++++ b/C4/Auth.pm
+@@ -611,7 +611,8 @@ sub checkauth {
+ my ( $userid, $cookie, $sessionID, $flags, $barshelves, $pubshelves );
+ my $logout = $query->param('logout.x');
+
+- if ( $userid = $ENV{'REMOTE_USER'} ) {
++ $userid = $ENV{'REMOTE_USER'};
++ if ( $userid && $userid ne '_everyone' ) { # anonymous SAML user
+ # Using Basic Authentication, no cookies required
+ $cookie = $query->cookie(
+ -name => 'CGISESSID',
+@@ -619,6 +620,7 @@ sub checkauth {
+ -expires => ''
+ );
+ $loggedin = 1;
++ warn "# userid: $userid";
+ }
+ elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not comparison
+ my $session = get_session($sessionID);