From 6ba1737c22a002a71210fcd15ad36c3c2bc68402 Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Fri, 14 May 2010 16:27:08 +0000
Subject: merge -r5832:5898 from 1.7 to trunk.

git-svn-id: http://code.elgg.org/elgg/trunk@6055 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 services/api/rest_api.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'services/api/rest_api.php')

diff --git a/services/api/rest_api.php b/services/api/rest_api.php
index 4d3e39aaa..1ef8b729e 100644
--- a/services/api/rest_api.php
+++ b/services/api/rest_api.php
@@ -29,8 +29,10 @@ if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) {
 
 // plugins should return true to control what API and user authentication handlers are registered
 if (trigger_plugin_hook('rest', 'init', null, false) == false) {	
-	// check session - this usually means a REST call from a web browser
-	register_pam_handler('pam_auth_session');
+	// for testing from a web browser, you can use the session PAM
+	// do not use for production sites!!
+	//register_pam_handler('pam_auth_session');
+
 	// user token can also be used for user authentication
 	register_pam_handler('pam_auth_usertoken');
 
-- 
cgit v1.2.3