I've been thinking about the same thing recently. Even though we can argue
that for the API to have feature parity with the web version, we should
provide anonymous access, I'm reluctant to enable this without some sort of
API key that can identify a consumer and can allow measuring load and
blocking when necessary.
I'm also in favor of supporting the concept of an API key even for normal
users, and not just for anonymous access. This is of course until we
support OAuth or something similar.
Thoughts are welcome though...
On Sun, Nov 13, 2011 at 8:51 AM, Volker Poplawski <
volker.poplaw...@atrics.de> wrote:
> Hi all,
>
> I'm playing with the SOAP interface of MantisBT.
>
> I haven't been able yet to use the SOAP interface with the anonymous
> account. A empty user name results in 'Access denied for user
> anonymous.' and user 'anonymous' gets me a 'Access denied'
>
> Is the anonymous user handled differently on SOAP than html or this a
> bug worth reporting?
>
>
> Regards
> .....Volker
>
>
> ------------------------------------------------------------------------------
> RSA(R) Conference 2012
> Save $700 by Nov 18
> Register now
> http://p.sf.net/sfu/rsa-sfdev2dev1
> _______________________________________________
> mantisbt-help mailing list
> mantisbt-help@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mantisbt-help
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
mantisbt-help mailing list
mantisbt-help@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mantisbt-help
