wrong error message when entering admin and not is_staff or is_active

[Wim Feijen <wim@…>]

On the admin login, when a user tries to login, but is_staff is set to False, the error message is misleadingly wrong:

"Please enter a correct username and password. Note that both fields are case-sensitive."

The actual message should be something like:

"You are not allowed to enter the administration area of this website."

How do we deal with translations of this message?

[Julien Phalip]

Thank you for the suggestion, but note that this has already been reported in #15567 and wontfixed for security reasons. It has then been discussed on django-dev [1] with diverging opinions, including from core devs. So I suggest you continue discussing this topic on the mailing list until a final resolution is reached. Closing as wontfix again for now.

​http://groups.google.com/group/django-developers/browse_thread/thread/df19241a0b1a04ef

[Wim Feijen <wim@…>]

Julien, thanks for the pointers and also for your very correct response. I started a discussion on the mailing list as the general consensus seems to be in favour of this patch.

I'm sorry that I never seem to succeed in finding whether a ticket has already been posted: thanks for your response and contribution.

[Wim Feijen <wim@…>]

For the record: After another discussion on django-developers here: ​http://groups.google.com/group/django-developers/browse_thread/thread/c070dcd878a75a2b

I created a new ticket & patch in order to make the error message more clear while not giving away any more information: see ticket #16837