aboutsummaryrefslogtreecommitdiff
path: root/services
diff options
context:
space:
mode:
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-05-14 16:27:08 +0000
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-05-14 16:27:08 +0000
commit6ba1737c22a002a71210fcd15ad36c3c2bc68402 (patch)
tree22e44b38f986ac94ecb7d831d043d87ac687bf27 /services
parent368c947601348a68dd6805658e637a1e634779e5 (diff)
downloadelgg-6ba1737c22a002a71210fcd15ad36c3c2bc68402.tar.gz
elgg-6ba1737c22a002a71210fcd15ad36c3c2bc68402.tar.bz2
merge -r5832:5898 from 1.7 to trunk.
git-svn-id: http://code.elgg.org/elgg/trunk@6055 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'services')
-rw-r--r--services/api/rest_api.php6
1 files changed, 4 insertions, 2 deletions
diff --git a/services/api/rest_api.php b/services/api/rest_api.php
index 4d3e39aaa..1ef8b729e 100644
--- a/services/api/rest_api.php
+++ b/services/api/rest_api.php
@@ -29,8 +29,10 @@ if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) {
// plugins should return true to control what API and user authentication handlers are registered
if (trigger_plugin_hook('rest', 'init', null, false) == false) {
- // check session - this usually means a REST call from a web browser
- register_pam_handler('pam_auth_session');
+ // for testing from a web browser, you can use the session PAM
+ // do not use for production sites!!
+ //register_pam_handler('pam_auth_session');
+
// user token can also be used for user authentication
register_pam_handler('pam_auth_usertoken');