The External Authentication plugin supports login based on the identity provided by the webserver (aka the Remote User), which is usually supplied via proxy servers or webserver modules (eg. "Basic Auth"). It differs from the Piwigo "apache_authentication" option by providing a greater degree of flexibility, including:

• Control over which variable(s) are used for authentication
• Piwigo login will always follow changes in (recognized) Remote Users
• Native Piwigo logins possible when the Remote User is considered a guest
• Option to copy webserver supplied passwords to Piwigo accounts
• External login/logout URLs replacing or co-existing with native ones
• Possibily to auto-register unknown Remote Users as new Piwigo users
• Control over auto-registration profiles, passwords, status and notifications
• Flexible list of Remote Users considered guests

Fallback Authentication is optional, and permits native Piwigo logins when the current Remote User is considered a guest. NOTE: If Remote User auto-registration is disabled, any Remote User unknown to Piwigo is considered a guest. If Fallback is disabled, Piwigo logins will always match the current Remote User.

The plugin makes every effort to prevent un-intentional account lockout, and is always disabled upon activation to permit configuration before login enforcement is enabled (which may immediately log the current session out!).