diff --git a/include/class.auth.php b/include/class.auth.php
index 9ff8cfd7ecf709c3246f356b8a5195a3c0ec1127..44d382f732e2c7d4e78da2ffedd5c8d299082124 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -464,4 +464,36 @@ class osTicketAuthentication extends StaffAuthenticationBackend {
     }
 }
 StaffAuthenticationBackend::register(osTicketAuthentication);
+
+class AuthTokenAuthentication extends UserAuthenticationBackend {
+    static $name = "Auth Token Authentication";
+    static $id = "authtoken";
+
+
+    function signOn() {
+
+        if ($_GET['auth'] && ($user=self::__authtoken($_GET['auth'])))
+            return $user;
+
+    }
+
+    static private function __authtoken($token) {
+
+        switch ($token[0]) {
+            case 'c': //Collaborator c+[token]
+                if (($c = Collaborator::lookupByAuthToken($token)))
+                    return new TicketUser($c); //Decorator
+                break;
+            case 'o': //Ticket owner  o+[token]
+                break;
+        }
+    }
+
+    function authenticate($username, $password) {
+        return false;
+    }
+
+}
+UserAuthenticationBackend::register(AuthTokenAuthentication);
+
 ?>
diff --git a/include/class.client.php b/include/class.client.php
index cb247882e4045d058fd13ff418fb8f2c472fc795..184d11f81cb4037be88b2bc46d4d451443c5ccee 100644
--- a/include/class.client.php
+++ b/include/class.client.php
@@ -31,6 +31,8 @@ class Client {
 
     var $ht;
 
+    var $user;
+
 
     function Client($id, $email=null) {
         $this->id =0;
@@ -59,9 +61,8 @@ class Client {
         $this->ticket_id  = $this->ht['ticket_id'];
         $this->ticketID   = $this->ht['ticketID'];
 
-        $user = User::lookup(array('emails__address'=>$this->ht['email']));
-        $this->fullname   = $user->getFullName();
-
+        $this->user = User::lookup(array('emails__address'=>$this->ht['email']));
+        $this->fullname   = $this->user->getFullName();
         $this->username   = $this->ht['email'];
         $this->email      = $this->ht['email'];
 
@@ -239,28 +240,66 @@ class Client {
 
         return false;
     }
+}
+
+/*
+ * Decorator class for authenticated user
+ *
+ */
 
-    static function authlogin($auth) {
-        //Expecting authtoken
-        // <user type><id of the user type>x<version id of the algo used>h<hash>
-        $matches = array();
-        $regex='/^(?P<type>\w{1})(?P<id>\d+)x(?P<v>\d+)h(?P<hash>.*)$/i';
-        if (!preg_match($regex, $auth, $matches))
+class  TicketUser implements AuthenticatedUser {
+
+    protected $backend;
+    protected $user;
+
+    function __construct($user) {
+        $this->user = $user;
+    }
+
+    /*
+     * Delegate calls to the user
+     */
+    function __call($name, $args) {
+
+        if(!$this->user
+                || !is_callable($this->user, $name))
             return false;
 
-        switch($matches['type']) {
-            case 'c': //Collaborator c<id>x<algo id used>h<hash for algo>
-                if (($c = Collaborator::lookup($matches['id']))
-                        && strcasecmp($c->getAuthToken($matches['v']), $auth)  == 0
-                        )
-                    return $c;
-                break;
-            case 'o': //Ticket owner
+        return  $args
+            ? call_user_func_array(array($this->user, $name), $args)
+            : call_user_func(array($this->user, $name));
+    }
 
-                break;
-        }
+    function getId() {
+        //We ONLY care about user ID at the ticket level
+        if ($this->user instanceof Collaborator)
+            return $this->user->getUserId();
 
-        return false;
+        return $this->user->getId();
     }
+
+    function isOwner() {
+        return  ($this->user && $this->user instanceof Client);
+    }
+
+    function setBackend($bk) {
+        $this->backend = $bk;
+    }
+
+    function getBackend() {
+        return $this->backend;
+    }
+
+    function getUserName() {
+        //XXX: Revisit when real usernames are introduced  or when email
+        // requirement is removed.
+        return $this->user->getEmail();
+    }
+
+    function getRole() {
+        return $this->isOwner() ? 'owner' : 'collaborator';
+    }
+
 }
+
 ?>
diff --git a/include/class.collaborator.php b/include/class.collaborator.php
index c55b9f4e6511e36b69ac18dca09a3ad0e4934848..215dd25fe73ebd42955bee664a63fb4569bbc083 100644
--- a/include/class.collaborator.php
+++ b/include/class.collaborator.php
@@ -22,6 +22,8 @@ class Collaborator {
     var $user;
     var $ticket;
 
+    static private $token_regex = '/^c(?P<id>\d+)x(?P<algo>\d+)h(?P<hash>.*)$/i';
+
     function __construct($id) {
 
         $this->load($id);
@@ -152,6 +154,21 @@ class Collaborator {
         return $id;
     }
 
+    static function lookupByAuthToken($token) {
+
+        //Expecting well formatted token see getAuthToken routine for details.
+        $matches = array();
+        if (preg_match(static::$token_regex, $token, $matches)
+                && $matches['id']
+                && ($c = self::lookup($matches['id']))
+                && strcasecmp($c->getAuthToken($matches['algo']), $token)  == 0
+                )
+            return $c;
+
+        return null;
+
+    }
+
     static function lookup($criteria) {
         $id = is_numeric($criteria)
             ? $criteria : self::getIdByInfo($criteria);