When the context processor django.middleware.csrf.CsrfViewMiddleware from Django 1.2.1 is active, the login form triggers a CSRF attempt error.

Ok, apparently I fixed it by overwriting the login.html template and add {% csrf_token %} to the form. It took me several restarts of the development server before it started working however.

We should recommend adding {% csrf_token %} to the post forms in default templates.

Latest Django has CSRF protection enabled by default