mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-09-26 12:09:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fixed #17869 - force logout when REMOTE_USER header disappears

Browse source 
If the current sessions user was logged in via a remote user backend log out
the user if REMOTE_USER header not available - otherwise leave it to other auth
middleware to install the AnonymousUser.

Thanks to Sylvain Bouchard for the initial patch and ticket maintenance.
This commit is contained in:
Preston Holmes 2012-09-09 16:25:06 -04:00
parent 2b5f848207
commit 9741912a9a
3 changed files with 40 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

3
docs/releases/1.5.txt
View file

@ -296,6 +296,9 @@ Django 1.5 also includes several smaller improvements worth noting:
you to test equality for XML content at a semantic level, without caring for
syntax differences (spaces, attribute order, etc.).
* RemoteUserMiddleware now forces logout when the REMOTE_USER header
disappears during the same browser session.
Backwards incompatible changes in 1.5
=====================================