I have to make sure that a Joomla username and password applies from the exterior application. There is no need the user is drenched in to the system exactly that their account is available. How do you do that?

I am assuming your exterior application will get access to Joomla's database and it is designed in php too.

I have already clarified an identical question about creating a user outside joomla, you could utilize exactly the same approach, but rather than calling the save method from JUser, you could utilize bind to see if the password is correct.

Or something like that better: simply copy Joomla's own authentication mechanism after creating an "environment" outside Joomla! Check JOOMLA_PATH/plugins/authentication/joomla.php:

 function onAuthenticate( $credentials, $options, &$response ){
  // Joomla does not like blank passwords
  if (empty($credentials['password'])){
   $response->status = JAUTHENTICATE_STATUS_FAILURE;
   $response->error_message = 'Empty password not allowed';
   return false;

  // Initialize variables
  $conditions = '';

  // Get a database object
  $db =& JFactory::getDBO();

  $query = 'SELECT `id`, `password`, `gid`'
   . ' FROM `#__users`'
   . ' WHERE username=' . $db->Quote( $credentials['username'] )
  $db->setQuery( $query );
  $result = $db->loadObject();

   $parts = explode( ':', $result->password );
   $crypt = $parts[0];
   $salt = @$parts[1];
   $testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);

   if ($crypt == $testcrypt) {
    $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
    $response->email = $user->email;
    $response->fullname = $user->name;
    $response->status = JAUTHENTICATE_STATUS_SUCCESS;
    $response->error_message = '';
   } else {
    $response->status = JAUTHENTICATE_STATUS_FAILURE;
    $response->error_message = 'Invalid password';
   $response->status = JAUTHENTICATE_STATUS_FAILURE;
   $response->error_message = 'User does not exist';

Your exterior application should have the ability to access the database from the joomla application to sign in the database whether user is available/ applies. To check on it, you have to operate some query inside your exterior application to determine the information on the consumer something similar to this:

$query = "select user_id from your_table where user_id = id_here";
// and more code afterwords.

You can equally write a API component such that you employ a hyperlink to query the API and obtain a JSON response back e.g. http://www.domain.com/index.php?option=com_api&view=authenicateUser&user=root&password=12345&format=raw

Then you've a controller that accumulates this view and calls the model or assistant class that has code like below. The benefit of this is you keep inside the Joomla code base making this safer.

function __construct() {
  // params
  $this->username = JRequest::getVar('user', '');
  $this->password = JRequest::getVar('password', '');

private function checkParameters() {
  // datatype checks
  if ($this->username == '') {
    die('ERROR: user is blank');
  if ($this->password == '') {
    die('ERROR: password is blank');

function execute() {
  // Get the global JAuthentication object
  jimport( 'joomla.user.authentication');
  $auth = & JAuthentication::getInstance();
  $credentials = array( 'username' => $this->username, 'password' => $this->password );
  $options = array();
  $response = $auth->authenticate($credentials, $options);

  // success
  return ($response->status === JAUTHENTICATE_STATUS_SUCCESS) {
    $response->status = true;
  } else {
  // failed
    $response->status = false;
  echo json_encode($response);