diff options
| author | Jannis Leidel <jannis@leidel.info> | 2012-11-17 20:24:54 +0100 |
|---|---|---|
| committer | Jannis Leidel <jannis@leidel.info> | 2012-11-17 20:24:54 +0100 |
| commit | 1520748dac95a7f114e4bb2feeee04d46c720494 (patch) | |
| tree | 8eecdb5b188c469766b9422f42a1cb605a6e56ff /docs | |
| parent | 7058b595b668b49daef8beb76a2b5c5f1d991b00 (diff) | |
Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/1.6.txt | 6 | ||||
| -rw-r--r-- | docs/topics/auth.txt | 6 |
2 files changed, 12 insertions, 0 deletions
diff --git a/docs/releases/1.6.txt b/docs/releases/1.6.txt index ef162a8de3..49649bc6b8 100644 --- a/docs/releases/1.6.txt +++ b/docs/releases/1.6.txt @@ -17,6 +17,12 @@ deprecation process for some features`_. What's new in Django 1.6 ======================== +Minor features +~~~~~~~~~~~~~~ + +* Authentication backends can raise ``PermissionDenied`` to immediately fail + the authentication chain. + Backwards incompatible changes in 1.6 ===================================== diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index aed482f710..6d8e3c66c3 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -2391,6 +2391,12 @@ processing at the first positive match. you need to force users to re-authenticate using different methods. A simple way to do that is simply to execute ``Session.objects.all().delete()``. +.. versionadded:: 1.6 + +If a backend raises a :class:`~django.core.exceptions.PermissionDenied` +exception, authentication will immediately fail. Django won't check the +backends that follow. + Writing an authentication backend --------------------------------- |
