1 files changed, 18 insertions, 13 deletions

diff --git a/django/contrib/auth/handlers/modpython.py b/django/contrib/auth/handlers/modpython.py
index e6719794a1..c7d921313d 100644
--- a/django/contrib/auth/handlers/modpython.py
+++ b/django/contrib/auth/handlers/modpython.py
@@ -22,6 +22,8 @@ def authenhandler(req, **kwargs):
         os.environ['DJANGO_SETTINGS_MODULE'] = settings_module
 
     from django.contrib.auth.models import User
+    from django import db
+    db.reset_queries()
 
     # check that the username is valid
     kwargs = {'username': req.user, 'is_active': True}
@@ -30,18 +32,21 @@ def authenhandler(req, **kwargs):
     if superuser_only:
         kwargs['is_superuser'] = True
     try:
-        user = User.objects.get(**kwargs)
-    except User.DoesNotExist:
-        return apache.HTTP_UNAUTHORIZED
-
-    # check the password and any permission given
-    if user.check_password(req.get_basic_auth_pw()):
-        if permission_name:
-            if user.has_perm(permission_name):
-                return apache.OK
+        try:
+            user = User.objects.get(**kwargs)
+        except User.DoesNotExist:
+            return apache.HTTP_UNAUTHORIZED
+    
+        # check the password and any permission given
+        if user.check_password(req.get_basic_auth_pw()):
+            if permission_name:
+                if user.has_perm(permission_name):
+                    return apache.OK
+                else:
+                    return apache.HTTP_UNAUTHORIZED
             else:
-                return apache.HTTP_UNAUTHORIZED
+                return apache.OK
         else:
-            return apache.OK
-    else:
-        return apache.HTTP_UNAUTHORIZED
+            return apache.HTTP_UNAUTHORIZED
+    finally:
+        db.connection.close()