Refactored might be a better term than extended. Plugable authentication strategies might be useful for authenticating based on IP addresses or other common means. The feature would define a plugin architecture for defining these features.
This is handled to some extent by the MINA blacklist/whitelist filters described in QFJ 1.1. Other authentication could be done at the application level.