Apologies I should have created two feature branches...sigh...
Using externally authentication and relying on the usernames (email addresses) passed to galaxy in HTTP_REMOTE_USER can result in mixed case usernames being passed in. This creates havoc with managing the admin users list and is resolved by this patch.
I considered fixing the is_admin_user tests, but landed on this solution so that the usernames in the database are always lower case, as one might expect from an email address.
Additionally, this pull request incorporates some unification of the http transactions with the toolshed while installing etc... When running the toolshed behind an Apache proxy to do authentication (use_remote_user = true) 401 unauthorized errors are encountered without the addition of a password handler for the negotiation. This code provides this ability with a utility method transact_with_tool_shed(). Augmentation of the tool_sheds_conf.xml is also required meaning the addition of user and pass attributes for the tool_shed node.
Thanks for the contribution. As you noted, two separate pull requests are warranted. Moreover, the tool shed code is under heavy development, so you'll need to rebase your tool shed changes and see if they still solve an outstanding problem. With this in mind, I'm declining the pull request, BUT I encourage you to create new forks for each feature and resubmit your pull requests when they are ready.