Tutorials, reviews, case studies and other tips to help website owners and website developers master the Joomla content management system.
Logging in to a Joomla site using the GMail Authentication Plugin
As explained in our Joomla Users series (part of our Joomla Pro course), there are three ways to create user accounts:
1. Create them manually in Administrator
2. Allow users to self-register on the website
3. Use a third-party extension to import user records from a spreadsheet.
The second option - self registration - is useful if you want to force users to register before allowing them access to certain content. From a marketing perspective, this is handy because you get to capture their email address and can then follow-up with them at a later stage. The normal process for this is a user registers on the website and an email is sent to them. They click a link in that email which confirms their account and they can now login and access the restricted content. There are two variations to this. One option skips the confirmation part which is useful if you trust that users will enter a genuine email address, or if you don't care. There is another option where you specify that an Administrator has to manually approve all registrations.
There is a plugin called Authentication - Joomla that handles this process. Underneath this is an alternative called Authentication - GMail. This takes advantage of Google's GMail service and can be used to allow access to anyone who has a GMail account. Let's enable it to see how it works. GMail users can now login to the site using the standard Joomla login module. They enter the GMail address and GMail password. This is authenticated at Google and if successful, they will be granted access to Restricted content.
One reason this is useful from the user's perspective is they do not have to go through the registration process. If they ever want to change their access password, they can just do this at GMail. The site owner still gets their email address. Have a look at the User Manager and note that their email address is captured when they login. However you don't get their name.
There is a second potential benefit for site owners. Let's say a site owner only wants to grant access to restricted content to their staff. The normal process is to create an account for each staff member. But if the owner is using Google Apps with their domain, they can take advantage of this plugin. Go to the settings for the plugin and note that there is an option labelled Apply Username Suffix. Set this to Always use suffix and enter the Google Apps domain into the Username Suffix field. This forces this suffix to be part of the authentication.
So let's try to login now using a conventional GMail account. The access is denied. But if I login using an address that exists in the associated Google Apps domain, it works. Incidentally, this works if the full email address is entered, or just the first part of the address. This means when you add a new account to Google Apps, that user automatically has access to the website too. That saves the site owner the hassle of creating accounts in two places. If you want to use this feature, you probably want to disable the standard Joomla authentication plugin*, although you can use both. You'll probably also want to disable public registrations by going to any of the User Manager pages, selecting Options and changing Allow User Registration to No. This removes the Create an Account link in the login module and even if someone knows this URL, they are unable to register.
So there's an interesting Joomla feature to consider. There are other authentication methods available so if you have a specific need, check out the Site Access category at the Joomla Extensions Directory.
*Be careful before you disable the standard Joomla authentication plugin as there is a danger of locking yourself out of Administrator. You need to initially login to the frontend with your own Google Apps account. This creates a user record in Administrator. Go to that record and add the Super User group. If you make this mistake and find yourself locked out of Administrator, you can re-enable the standard Joomla authentication plugin using phpMyAdmin which is usually available inside your website hosting control panel. You need to find the _extensions table and then the plg_authentication_jooml record. Change enabled to 1.
Please rate this article below and leave your comments.