id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux 17841,Clarify authentication backend documentation,Jeremy Blanchard,Luke Granger-Brown,"The current text for the ""NOTE"" in [https://docs.djangoproject.com/en/dev/topics/auth/#specifying-authentication-backends this section of the documentation] reads: Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for subsequent authentication attempts for that user. This effectively means that authentication sources are cached, so if you change AUTHENTICATION_BACKENDS, you'll need to clear out session data if you need to force users to re-authenticate using different methods. A simple way to do that is simply to execute Session.objects.all().delete(). It is pretty awkwardly worded in my opinion. It should be improved.",Cleanup/optimization,closed,Documentation,1.3,Normal,fixed,,django@…,Ready for checkin,1,0,0,0,1,0