Fixed #17841 -- Clarified caching note about authentication backends. Thanks auzigog for the proposal and lukegb for the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17752 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-16 19:30:00 +00:00 · 2012-03-16 19:30:00 +00:00 · ecf75e5957
parent 232c99cee1
commit ecf75e5957
1 changed files with 3 additions and 2 deletions
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@ -1783,8 +1783,9 @@ processing at the first positive match.

    Once a user has authenticated, Django stores which backend was used to
    authenticate the user in the user's session, and re-uses the same backend
-    for subsequent authentication attempts for that user. This effectively means
-    that authentication sources are cached, so if you change
+    for the duration of that session whenever access to the currently
+    authenticated user is needed. This effectively means that authentication
+    sources are cached on a per-session basis, so if you change
    :setting:`AUTHENTICATION_BACKENDS`, you'll need to clear out session data if
    you need to force users to re-authenticate using different methods. A simple
    way to do that is simply to execute ``Session.objects.all().delete()``.