Breaking: #93108 - Reworked internal user group fetching for frontend users¶
Frontend users now support the same loading mechanism for usergroups as backend users, making it easier to exchange functionality by unifying the code base.
In previous versions, the Authentication Service was used to fetch groups and
enable groups, which can be achieved via the
AfterGroupsResolved PSR-14 event.
Fetching groups and permissions belongs to authorization, and not authentication (identities), where this removal is conceptually suited outside of authentication services.
The respective methods and properties
have been removed.
At the same time, much of the PHP 4-based code base from frontend users
FrontendUserAuthentication has been marked as internal or removed
completely, allowing this information not to be read or modified from the
The authentication services "subtype", "getGroupsFE" and "authGroupsFE" are never executed anymore.
Accessing the properties will trigger a PHP warning.
TYPO3 installations with custom extensions handling group related authentication services, e.g. LDAP extensions.
Use the mentioned PSR-14 event to load custom groups from different sources or based on rules, or use a custom PSR-15 middleware to inject custom groups, not based on a specific user, but related to a request.
It is possible to keep extensions compatible with TYPO3 v10 and v11 by keeping the AuthenticationService "getGroupsFE" subtype, and adding the PSR-14 event to an extension.