Admin should allow for configurable login handling support

[Matt McDonald]

In its current implementation, the contrib.admin application attempts to handle user authentication by displaying a login form for any request where the user does not have permission to view (either because they are unauthenticated, or their user account fails the is_active and is_staff test).

In cases where authentication is being handled by an external system (e.g., Apache .htaccess or Google Accounts auth on App Engine), it can be confusing for users to see this login form when their account does not have permission to access the admin, as in some cases, the credentials they use might not correspond to what is stored in the Django auth table.

I'd like to propose a configuration knob to allow the choice for whether the admin app attempts to perform user authentication at all, and instead just relies on all users to be pre-authenticated.

[Łukasz Rekucki]

A global settings is not an option (you can have more then one admin instance). You can achieve exactly the same by overriding login() and/or admin_view() methods using a subclass of AdminSite.

[Matt McDonald]

This is actually the approach I'm currently taking in my project, but was interested in achieving the result in a bit of simpler way. In the common case of using the default admin site, it would be nice to just be able to change 1 settings.py configuration without worrying about subclassing.

Since the current patch preserves backward compatibility, I viewed the fact that it applies globally to all admin site instances as a desired effect. Selectively choosing individual admin site instance to have login handling enabled could then be achieved through sub-classing.

However, I do understand if there is resistance to this idea.

[Jannis Leidel]

This is already possible, closing as wontfix.