[1.3.X] Fixed #17841 -- Clarified caching note about authentication backends. Thanks auzigog for the proposal and lukegb for the patch.

Backport of r17752 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17753 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-16 19:32:13 +00:00 · 2012-03-16 19:32:13 +00:00 · 1dd8848beb
parent 2f6b8482f6
commit 1dd8848beb
1 changed files with 3 additions and 2 deletions
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@ -1518,8 +1518,9 @@ processing at the first positive match.

    Once a user has authenticated, Django stores which backend was used to
    authenticate the user in the user's session, and re-uses the same backend
-    for subsequent authentication attempts for that user. This effectively means
-    that authentication sources are cached, so if you change
+    for the duration of that session whenever access to the currently
+    authenticated user is needed. This effectively means that authentication
+    sources are cached on a per-session basis, so if you change
    :setting:`AUTHENTICATION_BACKENDS`, you'll need to clear out session data if
    you need to force users to re-authenticate using different methods. A simple
    way to do that is simply to execute ``Session.objects.all().delete()``.