Hey, functionality looks good, but the naming is kind of strange: "isBackendUserAllowed" => allowed to do what? how about "isUserAllowedToLogin()" ? Apart from that: +1 from reading, testing will follow now. All the best, Benni.