Fixed #24379 -- Documented that remote user example disables ModelBackend.

6b28e957 · Ross Brunton · Tim Graham · a40a34a4 · 6b28e957
Kaydet (Commit) 6b28e957 authored Şub 25, 2015 tarafından Ross Brunton Kaydeden (comit) Tim Graham Mar 03, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

auth-remote-user.txt docs/howto/auth-remote-user.txt +12 -0

No files found.
--- a/docs/howto/auth-remote-user.txt
+++ b/docs/howto/auth-remote-user.txt
@@ -50,6 +50,18 @@ With this setup, ``RemoteUserMiddleware`` will detect the username in
 ``request.META['REMOTE_USER']`` and will authenticate and auto-login that user
 using the :class:`~django.contrib.auth.backends.RemoteUserBackend`.

+Be aware that this particular setup disables authentication with the default
+``ModelBackend``. This means that if the ``REMOTE_USER`` value is not set
+then the user is unable to log in, even using Django's admin interface.
+Adding ``'django.contrib.auth.backends.ModelBackend'`` to the
+``AUTHENTICATION_BACKENDS`` list will use ``ModelBackend`` as a fallback
+if ``REMOTE_USER`` is absent, which will solve these issues.
+
+Django's user management, such as the views in ``contrib.admin`` and
+the :djadmin:`createsuperuser` management command, doesn't integrate with
+remote users. These interfaces work with users stored in the database
+regardless of ``AUTHENTICATION_BACKENDS``.
+
 .. note::
   Since the ``RemoteUserBackend`` inherits from ``ModelBackend``, you will
   still have all of the same permissions checking that is implemented in