Opened 11 years ago

Closed 11 years ago

#20438 closed Bug (duplicate)

Users keep loged in even if the authentication backend cached in session is not longer available in AUTHENTICATION_BACKENDS

Reported by: jorgebastida Owned by: jorgebastida
Component: contrib.auth Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

If a user logs in with backend A and then we remove A from AUTHENTICATION_BACKENDS the user will still be log in even if the backend is no longer available in AUTHENTICATION_BACKENDS but the module is.

Change History (4)

comment:1 by Aymeric Augustin, 11 years ago

#18998 pretends this results in a crash, not in the user staying logged in.

To me it looks like these two tickets are really about the same problem, even though they describe different syndroms.

Last edited 11 years ago by Aymeric Augustin (previous) (diff)

comment:2 by jorgebastida, 11 years ago

comment:3 by jorgebastida, 11 years ago

Has patch: set
Status: newassigned
Triage Stage: UnreviewedReady for checkin

comment:4 by Claude Paroz, 11 years ago

Resolution: duplicate
Status: assignedclosed
Note: See TracTickets for help on using tickets.
Back to Top