From ab8af342b1d5dbe40502f1adfe8c7a6b746c8004 Mon Sep 17 00:00:00 2001
From: ieatkittens <samuelm@gadventures.com>
Date: Fri, 11 Mar 2016 17:22:51 -0500
Subject: [PATCH] Fixed #26343 -- Sent user_login_failed signal if an auth
 backend raises PermissionDenied.

---
 django/contrib/auth/__init__.py        |  2 +-
 tests/auth_tests/test_auth_backends.py | 13 +++++++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/django/contrib/auth/__init__.py b/django/contrib/auth/__init__.py
index 63d59398f5..71faae6de6 100644
--- a/django/contrib/auth/__init__.py
+++ b/django/contrib/auth/__init__.py
@@ -74,7 +74,7 @@ def authenticate(**credentials):
             user = backend.authenticate(**credentials)
         except PermissionDenied:
             # This backend says to stop in our tracks - this user should not be allowed in at all.
-            return None
+            break
         if user is None:
             continue
         # Annotate the user object with the path of the backend.
diff --git a/tests/auth_tests/test_auth_backends.py b/tests/auth_tests/test_auth_backends.py
index 2f28c6cdf1..fee1a66bd4 100644
--- a/tests/auth_tests/test_auth_backends.py
+++ b/tests/auth_tests/test_auth_backends.py
@@ -3,7 +3,7 @@ from __future__ import unicode_literals
 from datetime import date
 
 from django.contrib.auth import (
-    BACKEND_SESSION_KEY, SESSION_KEY, authenticate, get_user,
+    BACKEND_SESSION_KEY, SESSION_KEY, authenticate, get_user, signals,
 )
 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.hashers import MD5PasswordHasher
@@ -475,12 +475,21 @@ class PermissionDeniedBackendTest(TestCase):
 
     def setUp(self):
         self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
-        self.user1.save()
+        self.user_login_failed = []
+        signals.user_login_failed.connect(self.user_login_failed_listener)
+
+    def tearDown(self):
+        signals.user_login_failed.disconnect(self.user_login_failed_listener)
+
+    def user_login_failed_listener(self, sender, credentials, **kwargs):
+        self.user_login_failed.append(credentials)
 
     @modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend})
     def test_permission_denied(self):
         "user is not authenticated after a backend raises permission denied #2550"
         self.assertEqual(authenticate(username='test', password='test'), None)
+        # user_login_failed signal is sent.
+        self.assertEqual(self.user_login_failed, [{'password': '********************', 'username': 'test'}])
 
     @modify_settings(AUTHENTICATION_BACKENDS={'append': backend})
     def test_authenticates(self):