guarantee that authMethod always returns something valid, even for users not created correctly

docs/changelog/7.x.x.txt

@@ -53,6 +53,7 @@
  - fixed #8908: No Post Captcha in Default Submission Form
  - fixed #9138: Fat fonts break WebGUI captchas
  - fixed #8982: Deploy package doesn't take back to asset manager 
+ - fixed #8956: Not checking for populated variable
 
 7.6.3
  - improved performance of file uploads

lib/WebGUI/Auth.pm

@@ -151,7 +151,8 @@ sub authenticate {
 
 =head2 authMethod ( [authMethod] )
 
-Gets or sets the authMethod in the Auth Object
+Gets or sets the authMethod in the Auth Object.  Returns 'WebGUI' as the
+default method if a user has been created without an authMethod.
 
 =head3 authMethod
 
@@ -161,7 +162,9 @@ Gets or sets the authMethod in the Auth Object
 
 sub authMethod {
 	my $self = shift;
-	return $self->{authMethod} if(!$_[0]);
+	if (!$_[0]) {
+        return $self->{authMethod} || 'WebGUI';
+    }
 	$self->{authMethod} = $_[0];
 }