On 27/02/2010 18:51, Scott Wilson wrote:
On 27 Feb 2010, at 12:55, Ross Gardler wrote:
The REST documentation makes no mention of needing to authenticate. Is
it intentional that some requests need to be authenticated, e..g.
participants
...
The only requests that require authentication are those that are
equivalent to admin interface functions for creating/updating/deleting
services/categories, and these are documented at
...
All other API requests only use the API key for authentication - if
Basic auth is being requested for these (such as participants), then
this is a configuration problem.
This is using Wookie in dev mode (i.e. ant run) and thus there is no
local config messing with things.
Here's what appears to be happening:
Performing a GET request for participants with a valid API Key is fine
Performing a GET request for participants with an invalid API Key throws
an exception (unauthorized) which results in a request for authentication.
I've found other problems too, but have not fully debugged them, it may
be my code.
Ross
