Menu

Joomla Blog

Tutorials, reviews, case studies and other tips to help website owners and website developers master the Joomla content management system.

Logging in to a Joomla site using the GMail Authentication Plugin

{"video":"http://www.youtube.com/watch?v=YBHq2oU2sj0","width":"520","height":"390"}

As explained in our Joomla Users series (part of our Joomla Pro course), there are three ways to create user accounts:

1. Create them manually in Administrator

2. Allow users to self-register on the website

3. Use a third-party extension to import user records from a spreadsheet.

The second option - self registration - is useful if you want to force users to register before allowing them access to certain content. From a marketing perspective, this is handy because you get to capture their email address and can then follow-up with them at a later stage. The normal process for this is a user registers on the website and an email is sent to them. They click a link in that email which confirms their account and they can now login and access the restricted content. There are two variations to this. One option skips the confirmation part which is useful if you trust that users will enter a genuine email address, or if you don't care. There is another option where you specify that an Administrator has to manually approve all registrations.

There is a plugin called Authentication - Joomla that handles this process. Underneath this is an alternative called Authentication - GMail. This takes advantage of Google's GMail service and can be used to allow access to anyone who has a GMail account. Let's enable it to see how it works. GMail users can now login to the site using the standard Joomla login module. They enter the GMail address and GMail password. This is authenticated at Google and if successful, they will be granted access to Restricted content.

One reason this is useful from the user's perspective is they do not have to go through the registration process. If they ever want to change their access password, they can just do this at GMail. The site owner still gets their email address. Have a look at the User Manager and note that their email address is captured when they login. However you don't get their name.

There is a second potential benefit for site owners. Let's say a site owner only wants to grant access to restricted content to their staff. The normal process is to create an account for each staff member. But if the owner is using Google Apps with their domain, they can take advantage of this plugin. Go to the settings for the plugin and note that there is an option labelled Apply Username Suffix. Set this to Always use suffix and enter the Google Apps domain into the Username Suffix field. This forces this suffix to be part of the authentication.

So let's try to login now using a conventional GMail account. The access is denied. But if I login using an address that exists in the associated Google Apps domain, it works. Incidentally, this works if the full email address is entered, or just the first part of the address. This means when you add a new account to Google Apps, that user automatically has access to the website too. That saves the site owner the hassle of creating accounts in two places. If you want to use this feature, you probably want to disable the standard Joomla authentication plugin*, although you can use both. You'll probably also want to disable public registrations by going to any of the User Manager pages, selecting Options and changing Allow User Registration to No. This removes the Create an Account link in the login module and even if someone knows this URL, they are unable to register.

So there's an interesting Joomla feature to consider. There are other authentication methods available so if you have a specific need, check out the Site Access category at the Joomla Extensions Directory.

{jb_purplebox}*Be careful before you disable the standard Joomla authentication plugin as there is a danger of locking yourself out of Administrator. You need to initially login to the frontend with your own Google Apps account. This creates a user record in Administrator. Go to that record and add the Super User group. If you make this mistake and find yourself locked out of Administrator, you can re-enable the standard Joomla authentication plugin using phpMyAdmin which is usually available inside your website hosting control panel. You need to find the _extensions table and then the plg_authentication_jooml record. Change enabled to 1.{/jb_purplebox}

Please rate this article below and leave your comments.

Rate this blog entry:
Extension
CSS (Cascading Style Sheets)

Related Posts

 

Comments 13

Peter Miranda on Thursday, 12 July 2012 18:50

what about facebook authentication?

0
what about facebook authentication?
Richard Pearce on Monday, 16 July 2012 13:36

There are several third party authentication options listed at the JED.

0
There are several third party authentication options [url="http://extensions.joomla.org/extensions/access-a-security/site-access"]listed at the JED[/url].
Robert Wilson on Friday, 13 July 2012 03:02

Facebook authentication is possible on your Joomla site; however, you'll need a third party extension for that functionality.

Check the JED for those:
http://extensions.joomla.org/extensions/social-web/social-display/facebook-integration

0
Facebook authentication is possible on your Joomla site; however, you'll need a third party extension for that functionality. Check the JED for those: http://extensions.joomla.org/extensions/social-web/social-display/facebook-integration
Peter Miranda on Thursday, 12 July 2012 18:51

Thanks for the video, was great to finally work out what those plugins were.

0
Thanks for the video, was great to finally work out what those plugins were.
Guest - Anes on Thursday, 02 August 2012 22:06

Thanks Richard for this Great Tutorial you are awesome . ;)

0
Thanks Richard for this Great Tutorial you are awesome . ;)
Guest - Luis Hernández on Wednesday, 29 August 2012 05:22

Great tutorial !!! Now I can use Google Apps Authentication

0
Great tutorial !!! Now I can use Google Apps Authentication
Guest - Andrew on Wednesday, 13 March 2013 09:45

Where can someone find more information when a user is using 2-Factor Authentication for their G account

0
Where can someone find more information when a user is using 2-Factor Authentication for their G account
Richard Pearce on Friday, 15 March 2013 07:00

I would have thought that it would still work. Have you tried it?

0
I would have thought that it would still work. Have you tried it?
Guest - Andrew on Saturday, 16 March 2013 11:24

I can log in with my domain suffix but users who have the 2-Factor thing on are getting blocked. I think this may have something to do with SSL?

0
I can log in with my domain suffix but users who have the 2-Factor thing on are getting blocked. I think this may have something to do with SSL?
Richard Pearce on Monday, 18 March 2013 16:07

I can't pretend to be an expert with this. I do use the two-factor feature, but not in conjunction with the plugin mentioned in this article. Yes, it may have something to do with SSL, but I think you're going to need to ask Google that question.

0
I can't pretend to be an expert with this. I do use the two-factor feature, but not in conjunction with the plugin mentioned in this article. Yes, it may have something to do with SSL, but I think you're going to need to ask Google that question.
Guest - Andrew on Tuesday, 02 April 2013 07:34

Just wanted to update that for this to work you need to use the Application-Specific Password (ASP) from your google account. You can then log in, but this does not technically use 2-step verification. Once an account has been established you could create your own password for joomla but the user must type the domain in with user name to use this password. This is of course with appropriate suffix setting in the gmail plugin otherwise the user will have to memorize the random 16 key code generated by google. This all seems a bit sloppy... but solved the failed authentication i was originally getting.

0
Just wanted to update that for this to work you need to use the Application-Specific Password (ASP) from your google account. You can then log in, but this does not technically use 2-step verification. Once an account has been established you could create your own password for joomla but the user must type the domain in with user name to use this password. This is of course with appropriate suffix setting in the gmail plugin otherwise the user will have to memorize the random 16 key code generated by google. This all seems a bit sloppy... but solved the failed authentication i was originally getting.
Guest - Prachya P. on Thursday, 15 August 2013 14:45

It's not work in joomla 3.1. Can you suggest me for solving this problem?

Additional Info:
- New User Account Activation: Admin
- New User Registration Group: Publisher
- verify peer: Yes
- Other option is default.
- I try to login with xxx@gmail.com. It's return message: "Failed to authenticate: Result Unknown. Access Denied"

0
It's not work in joomla 3.1. Can you suggest me for solving this problem? Additional Info: - New User Account Activation: Admin - New User Registration Group: Publisher - verify peer: Yes - Other option is default. - I try to login with xxx@gmail.com. It's return message: "Failed to authenticate: Result Unknown. Access Denied"
Robert Wilson on Friday, 30 August 2013 10:23

Hey Prachya,

You might want to head over to our User Forum and post this question. You'll have a lot more people looking at your issue and possibly solving your problem.

http://www.buildajoomlawebsite.com/forum

BTW, have you turned off the standard Joomla authentication, or are you using both at once?

0
Hey Prachya, You might want to head over to our User Forum and post this question. You'll have a lot more people looking at your issue and possibly solving your problem. http://www.buildajoomlawebsite.com/forum BTW, have you turned off the standard Joomla authentication, or are you using both at once?

Free Joomla TutorialLearn Joomla for free with our 16 lesson, 2 hour course.

Get Started