aboutsummaryrefslogtreecommitdiff
path: root/services/api/rest.php
diff options
context:
space:
mode:
Diffstat (limited to 'services/api/rest.php')
-rw-r--r--services/api/rest.php3
1 files changed, 3 insertions, 0 deletions
diff --git a/services/api/rest.php b/services/api/rest.php
index a569e7e26..46931f8b5 100644
--- a/services/api/rest.php
+++ b/services/api/rest.php
@@ -29,6 +29,9 @@ if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) {
// plugins should return true to control what API and user authentication handlers are registered
if (trigger_plugin_hook('rest', 'init', null, false) == false) {
+ // remove normal password pam (does not work by default with REST anyway)
+ unregister_pam_handler('pam_auth_userpass');
+
// check session - this usually means a REST call from a web browser
register_pam_handler('pam_auth_session');
// user token can also be used for user authentication