I'd like to see RhodeCode accept the value of X-Forwarded-User that can be passed through by the front-end proxy -- or some similar mechanism. The use case for this is the dizzying array of use authentication mechanisms that RhodeCode doesn't support, but that Apache (for example) does.
A suggestion for a high-level design would first be a setting to enable external authentication. If this is not set, RhodeCode uses it's normal authentication mechanism. If it //is// set, RhodeCode takes the appropriate header (e.g., X-Forwarded-User) and (a) creates the user account in the RhodeCode DB if it doesn't exist, and (b) uses that value as the user ID. If the header is not provided, RhodeCode uses the "default" user ID.