From aadc5c569bdf73d9e358c4371f7da18a0410234c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joonas=20H=C3=A4kkinen?= <joonashak@proton.me>
Date: Wed, 19 Feb 2025 14:36:06 +0200
Subject: [PATCH] [5.2.x] Fixed #36200 -- Clarified MIDDLEWARE setting updates
 when using a custom RemoteUserMiddleware.

Backport of 87c5de3b7f2316aa17353d74f54e6ff19013d049 from main.
---
 docs/howto/auth-remote-user.txt | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/docs/howto/auth-remote-user.txt b/docs/howto/auth-remote-user.txt
index f8492e367a..254a141b45 100644
--- a/docs/howto/auth-remote-user.txt
+++ b/docs/howto/auth-remote-user.txt
@@ -76,14 +76,27 @@ regardless of ``AUTHENTICATION_BACKENDS``.
 
 If your authentication mechanism uses a custom HTTP header and not
 ``REMOTE_USER``, you can subclass ``RemoteUserMiddleware`` and set the
-``header`` attribute to the desired ``request.META`` key.  For example::
+``header`` attribute to the desired ``request.META`` key.  For example:
+
+.. code-block:: python
+   :caption: ``mysite/middleware.py``
 
     from django.contrib.auth.middleware import RemoteUserMiddleware
 
 
-    class CustomHeaderMiddleware(RemoteUserMiddleware):
+    class CustomHeaderRemoteUserMiddleware(RemoteUserMiddleware):
         header = "HTTP_AUTHUSER"
 
+This custom middleware is then used in the :setting:`MIDDLEWARE` setting
+instead of :class:`django.contrib.auth.middleware.RemoteUserMiddleware`::
+
+    MIDDLEWARE = [
+        "...",
+        "django.contrib.auth.middleware.AuthenticationMiddleware",
+        "mysite.middleware.CustomHeaderRemoteUserMiddleware",
+        "...",
+    ]
+
 .. warning::
 
     Be very careful if using a ``RemoteUserMiddleware`` subclass with a custom