diff options
| author | Jannis Leidel <jannis@leidel.info> | 2012-11-17 20:24:54 +0100 |
|---|---|---|
| committer | Jannis Leidel <jannis@leidel.info> | 2012-11-17 20:24:54 +0100 |
| commit | 1520748dac95a7f114e4bb2feeee04d46c720494 (patch) | |
| tree | 8eecdb5b188c469766b9422f42a1cb605a6e56ff /docs/topics | |
| parent | 7058b595b668b49daef8beb76a2b5c5f1d991b00 (diff) | |
Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years.
Diffstat (limited to 'docs/topics')
| -rw-r--r-- | docs/topics/auth.txt | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index aed482f710..6d8e3c66c3 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -2391,6 +2391,12 @@ processing at the first positive match. you need to force users to re-authenticate using different methods. A simple way to do that is simply to execute ``Session.objects.all().delete()``. +.. versionadded:: 1.6 + +If a backend raises a :class:`~django.core.exceptions.PermissionDenied` +exception, authentication will immediately fail. Django won't check the +backends that follow. + Writing an authentication backend --------------------------------- |
