...
[09:51:25 CST(-0600)] <dmccallum54> for those that can be accessed anonymously, i think the annotation would be a spring EL expression that allows either authenticated or anonymous users… i'd just have to experiment to figure out exactly what works
[09:53:15 CST(-0600)] <dmccallum54> if GPS needs to access other, existing SSP API URLs which have already been locked down and dont allow anonymous access then we probably need to double check with russ on whether we can just throw those APIs open or if we need to concoct a GPS-only flavor of those APIs that only expose the "non-sensitive bits"