summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.6.txt6
-rw-r--r--docs/topics/auth.txt6
2 files changed, 12 insertions, 0 deletions
diff --git a/docs/releases/1.6.txt b/docs/releases/1.6.txt
index ef162a8de3..49649bc6b8 100644
--- a/docs/releases/1.6.txt
+++ b/docs/releases/1.6.txt
@@ -17,6 +17,12 @@ deprecation process for some features`_.
What's new in Django 1.6
========================
+Minor features
+~~~~~~~~~~~~~~
+
+* Authentication backends can raise ``PermissionDenied`` to immediately fail
+ the authentication chain.
+
Backwards incompatible changes in 1.6
=====================================
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index aed482f710..6d8e3c66c3 100644
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@@ -2391,6 +2391,12 @@ processing at the first positive match.
you need to force users to re-authenticate using different methods. A simple
way to do that is simply to execute ``Session.objects.all().delete()``.
+.. versionadded:: 1.6
+
+If a backend raises a :class:`~django.core.exceptions.PermissionDenied`
+exception, authentication will immediately fail. Django won't check the
+backends that follow.
+
Writing an authentication backend
---------------------------------