Authentication backend, responsible for validating user/password pairs and mapping them to a given user as well as the "sessioning" part, e.g.

the transition of the authentication credentials over several requests.

All functions except authenticate() must be implemented, see their individual documentation about what exactly they should do.

Configuration, if necessary, should be done using the MidCOM configuration system, prefixing all values with 'auth_backend_$name_', e.g. 'auth_backend_cookie_timeout'.



__construct ($auth)

The constructor should do only basic initialization.



authenticate ()

This function checks the given username / password pair is valid and sets the $user member accordingly.

The default implementation checks against midcom_connection::login().

Normally you should not need to override this function.


booleanIndicating successful authentication.

logout ()

The logout function should delete the currently active login session, which has been loaded by a previous call to read_login_session.

You should throw midcom_error if anything goes wrong here.



mixed $auth


string $session_id

The ID of the session we are currently using, usable as an authentication token in the login session manager.

\midcom_core_user $user

This variable holds the user that has been successfully authenticated by the class, it is considered to be read-only.