#33513: Custom authentication class: raising AuthenticationFailed leads to 403
--------------------------------+--------------------------------------
Reporter: Aurel | Owner: nobody
Type: Bug | Status: new
Component: contrib.auth | Version: 3.2
Severity: Normal | Resolution:
Keywords: authentication | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
--------------------------------+--------------------------------------
Comment (by Aurel):
Well, ok, you need to overwrite / implement also "def
authenticate_header(self, request):". Otherwise a 403 is returned. This
does not make sense to me. Why django changes to 403 only if there is no
authenticate header? 403 means, you are identified, but not allowed to get
in...
--
Ticket URL: <https://code.djangoproject.com/ticket/33513#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/069.4f0fa280c7c7268a41374722c0f8cd33%40djangoproject.com.
