A quick question on the auth_external module: when it authorises a user, can it also be used to pull additional information about that user and save it to their account? Even if it just allowed additional information to be passed and provided a hook, that would be great.

I'm thinking about a third-party membership system that would provide HTML authentication. Once users are authenticated, the system can provide membership levels, personal name, renewal date, even personal messages from the administrator. The idea is that this information would be pulled in the user's SS account (created or amended as required) and that could then be used in various placed around the SS CMS pages.

I am just wondering if Auth External makes this easy, i.e. already has this built-in as a feature.

-- Jason

No, this is not something that is built in.

A "getInfo" method could be added to the ExternalAuthenticator class to return additional attributes, but this is not relevant to the Authentication process. Also the only authentication source this could work with is LDAP.

Okay, thanks. At least I have a good module to work from.

For us "authentication" extends beyond just knowing that a user knows their password, and includes knowing additional things about that user, because many of those things affect what the user has permission to do on the SS website. I'll just extend the module to enable an arbitrary data structure to be passed back, and take it from there.

-- Jason