...
A loop is made going through each plugin in the authentication config.
Authentication Init Object is created.
it runs the apicheck function if this says they are compatible then it will run the init function, after this it will run the register_callback_routines function. The data from this function is then parsed onto the register_callback function
...
Then the postauth callbacks are called with a Authentication postauth object
After this it checks if authentication was sucessfully.
If unsuccesfull then it increases the attempt count, and creates a Authentication postauthfail object and runs the postauthfail callback
If successfull then it creates a Authentication postauthsuccess object and runs the postauthsuccess callback and then runs stores any appropriate data in the session before ending the function
...
If the display_std_form fucntion is run then it creates a Authentication displaystdform object and then includes the default login form unless the login form in config exists
...
If the display_err_form fucntion is run then it creates a Authentication displayerrform object and then includes the default errorform unless the error form in config exists
...
This is run when plugins want to determine if another plugin recognise a username, a Authentication lookupuser object is created then parsed to it.