Index: django/contrib/auth/decorators.py
===================================================================
--- django/contrib/auth/decorators.py	(revision 13182)
+++ django/contrib/auth/decorators.py	(working copy)
@@ -4,12 +4,13 @@
     from django.utils.functional import update_wrapper, wraps  # Python 2.4 fallback.
 
 from django.contrib.auth import REDIRECT_FIELD_NAME
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, HttpResponseForbidden
+from django.template import RequestContext, loader
 from django.utils.decorators import available_attrs
 from django.utils.http import urlquote
 
 
-def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
+def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME, template_403='403.html'):
     """
     Decorator for views that checks that the user passes the given test,
     redirecting to the log-in page if necessary. The test should be a callable
@@ -23,9 +24,14 @@
         def _wrapped_view(request, *args, **kwargs):
             if test_func(request.user):
                 return view_func(request, *args, **kwargs)
-            path = urlquote(request.get_full_path())
-            tup = login_url, redirect_field_name, path
-            return HttpResponseRedirect('%s?%s=%s' % tup)
+            elif not request.user.is_authenticated():
+                path = urlquote(request.get_full_path())
+                tup = login_url, redirect_field_name, path
+                return HttpResponseRedirect('%s?%s=%s' % tup)
+            else:
+                # authorization test failed for authenticated user
+                t = loader.get_template(template_403) # You need to create a 403.html template.
+                return HttpResponseForbidden(t.render(RequestContext(request)))
         return wraps(view_func, assigned=available_attrs(view_func))(_wrapped_view)
     return decorator