summaryrefslogtreecommitdiff
path: root/docs/topics
diff options
context:
space:
mode:
authorJannis Leidel <jannis@leidel.info>2012-11-17 20:24:54 +0100
committerJannis Leidel <jannis@leidel.info>2012-11-17 20:24:54 +0100
commit1520748dac95a7f114e4bb2feeee04d46c720494 (patch)
tree8eecdb5b188c469766b9422f42a1cb605a6e56ff /docs/topics
parent7058b595b668b49daef8beb76a2b5c5f1d991b00 (diff)
Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years.
Diffstat (limited to 'docs/topics')
-rw-r--r--docs/topics/auth.txt6
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index aed482f710..6d8e3c66c3 100644
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@@ -2391,6 +2391,12 @@ processing at the first positive match.
you need to force users to re-authenticate using different methods. A simple
way to do that is simply to execute ``Session.objects.all().delete()``.
+.. versionadded:: 1.6
+
+If a backend raises a :class:`~django.core.exceptions.PermissionDenied`
+exception, authentication will immediately fail. Django won't check the
+backends that follow.
+
Writing an authentication backend
---------------------------------