I want my director to do all authentication, but it ignores the nologin and reason etc. fields returned by my director password_query

I have my director password_query returning proxy=y, password=X, master=XXXX, pass=XXXX

It works fine, but even if nologin is Y and 'reason' is set, the user still gets proxied to the backend and gets to login?

-- Tom