On Tue, Dec 21, 2010 at 6:18 PM, Oz Linden (Scott Lawrence)
> Yes, a direct REST api that returned the url for a name would certainly be
> Do you plan to make it possible to require authentication for the REST apis
> in 1.6? I'm currently running my server with anonymous access disabled
> because enabling anon access made the REST query apis open.
What parts are you wanting to hide?
I can absolutely see hiding user information (definitely the full
e-mail address, maybe partly the full name) and maybe the group e-mail
address when the user accessing it is anonymous. I don't know that
blocking the entire API is useful, though, if you're allowing
anonymous access to the site anyway.
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com
Want to help the Review Board project? Donate today at
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to
For more options, visit this group at