Regarding the part: "18.104.22.168 Description This event is triggered after the user is authenticated against the Joomla! user-base. If one plugin returns false, the entire authentication process fails."
On my 1.5.15 (2 separate installs for making sure): The "entire authentication process fails" does not seem true. Returning false displays the standard "bad login" JError::Warning message but the user still remains logged in. Also, at least some of the "user" group of events/methods can be placed in "authentication" grouped plugins. I have tested this at least for onLoginUser (while trying to find out if I did something wrong). A hint/explanation would be nice.