summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorJannis Leidel <jannis@leidel.info>2012-11-17 20:24:54 +0100
committerJannis Leidel <jannis@leidel.info>2012-11-17 20:24:54 +0100
commit1520748dac95a7f114e4bb2feeee04d46c720494 (patch)
tree8eecdb5b188c469766b9422f42a1cb605a6e56ff /docs
parent7058b595b668b49daef8beb76a2b5c5f1d991b00 (diff)
Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years.
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.6.txt6
-rw-r--r--docs/topics/auth.txt6
2 files changed, 12 insertions, 0 deletions
diff --git a/docs/releases/1.6.txt b/docs/releases/1.6.txt
index ef162a8de3..49649bc6b8 100644
--- a/docs/releases/1.6.txt
+++ b/docs/releases/1.6.txt
@@ -17,6 +17,12 @@ deprecation process for some features`_.
What's new in Django 1.6
========================
+Minor features
+~~~~~~~~~~~~~~
+
+* Authentication backends can raise ``PermissionDenied`` to immediately fail
+ the authentication chain.
+
Backwards incompatible changes in 1.6
=====================================
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index aed482f710..6d8e3c66c3 100644
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@@ -2391,6 +2391,12 @@ processing at the first positive match.
you need to force users to re-authenticate using different methods. A simple
way to do that is simply to execute ``Session.objects.all().delete()``.
+.. versionadded:: 1.6
+
+If a backend raises a :class:`~django.core.exceptions.PermissionDenied`
+exception, authentication will immediately fail. Django won't check the
+backends that follow.
+
Writing an authentication backend
---------------------------------