diff --git a/fas/client/fasClient.py b/fas/client/fasClient.py
index 2252d41..354fbc6 100755
--- a/fas/client/fasClient.py
+++ b/fas/client/fasClient.py
@@ -59,7 +59,7 @@ parser.add_option('-s', '--server',
 class MakeShellAccounts(BaseClient):
     def group_list(self, search='*'):
         params = {'search' : search}
-        data = self.send_request('json/group_list', auth=True, input=params)
+        data = self.send_request('group/list', auth=True, input=params)
         return data
 
     def shadow_text(self, people=None):
@@ -136,7 +136,7 @@ class MakeShellAccounts(BaseClient):
         
     def people_list(self, search='*'):
         params = {'search' : search}
-        data = self.send_request('json/people_list', auth=True, input=params)
+        data = self.send_request('user/list', auth=True, input=params)
         return data['people']
 
     def make_group_db(self):
diff --git a/fas/fas/group.py b/fas/fas/group.py
index 9728aa1..a8b60f3 100644
--- a/fas/fas/group.py
+++ b/fas/fas/group.py
@@ -112,22 +112,6 @@ class Group(controllers.Controller):
             turbogears.redirect('/')
         return dict(tg_errors=tg_errors)
 
-    @expose(format="json")
-    def exportShellAccounts(self):
-        ''' Replaces old "exportShellAccounts.py" '''
-        # TODO: Restrict access to this.
-        group = Groups.by_name('sysadmin-main')
-        users = {}
-        for role in userlist.roles:
-            if role.status == 'approved':
-                person = role.member
-                users[person.username] = {
-                    'password' : person.password,
-                    'ssh_key' : person.ssh_key,
-                }
-        groups = Groups.query.all()
-        return dict(users=users, groups=groups)
-
     @identity.require(turbogears.identity.not_anonymous())
     @validate(validators=GroupView())
     @error_handler(error)
@@ -263,10 +247,10 @@ class Group(controllers.Controller):
         groups = filter(lambda group: canViewGroup(person, group), groups)
         if len(groups) <= 0:
             turbogears.flash(_("No Groups found matching '%s'") % search)
-            groups = {}
-        if self.jsonRequest():
-            return ({'groups': groups})
-        return dict(groups=groups, search=search)
+        memberships = {}
+        for group in groups:
+            memberships[group.id] = group.approved_roles
+        return dict(groups=groups, search=search, memberships=memberships)
 
     @identity.require(turbogears.identity.not_anonymous())
     @validate(validators=GroupApply())
diff --git a/fas/fas/json_request.py b/fas/fas/json_request.py
index ebd543a..1bf09b4 100644
--- a/fas/fas/json_request.py
+++ b/fas/fas/json_request.py
@@ -2,16 +2,8 @@ import turbogears
 from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler
 from turbogears.database import session
 
-from cherrypy import request, response
-
-import cherrypy
-
 from fas.auth import *
 
-from textwrap import dedent
-
-import re
-
 class JsonRequest(controllers.Controller):
     def __init__(self):
         '''Create a JsonRequest Controller.'''
@@ -20,18 +12,4 @@ class JsonRequest(controllers.Controller):
     def index(self):
         '''Perhaps show a nice explanatory message about groups here?'''
         return dict(help='This is a json interface')
-    
-    @expose("json", allow_json=True)
-    def group_list(self, search='*'):
-        re_search = re.sub(r'\*', r'%', search).lower()
-        groups = Groups.query.filter(Groups.name.like(re_search)).order_by('name')
-        memberships = {}
-        for group in groups:
-            memberships[group.id] = group.approved_roles
-        return dict(groups=groups, memberships=memberships)
-    
-    @expose("json", allow_json=True)
-    def people_list(self, search='*'):
-        re_search = re.sub(r'\*', r'%', search).lower()
-        people = People.query.filter(People.username.like(re_search)).order_by('username')
-        return dict(people=people)
+
diff --git a/fas/fas/user.py b/fas/fas/user.py
index 3c89201..5720ba1 100644
--- a/fas/fas/user.py
+++ b/fas/fas/user.py
@@ -235,7 +235,9 @@ class User(controllers.Controller):
             turbogears.redirect("/user/view/%s" % target.username)
         return dict(target=target)
 
-    @identity.require(turbogears.identity.in_group("accounts")) #TODO: Use auth.py
+    # TODO: Decide who is allowed to see this.
+    #@identity.require(turbogears.identity.in_group("accounts")) #TODO: Use auth.py
+    @identity.require(turbogears.identity.not_anonymous())
     @expose(template="fas.templates.user.list", allow_json=True)
     def list(self, search="a*"):
         '''List users
@@ -244,11 +246,9 @@ class User(controllers.Controller):
         people = People.query.filter(People.username.like(re_search)).order_by('username')
         if people.count() < 0:
             turbogears.flash(_("No users found matching '%s'") % search)
-        if self.jsonRequest():
-            return ({'users': people})
-
         return dict(people=people, search=search)
        
+    @identity.require(turbogears.identity.not_anonymous())
     @expose(template='fas.templates.user.new')
     def new(self):
         if turbogears.identity.not_anonymous():
@@ -256,6 +256,7 @@ class User(controllers.Controller):
             turbogears.redirect('/user/view/%s' % turbogears.identity.current.user_name)
         return dict()
 
+    @identity.require(turbogears.identity.not_anonymous())
     @validate(validators=UserCreate())
     @error_handler(error)
     @expose(template='fas.templates.new')
@@ -409,6 +410,7 @@ class User(controllers.Controller):
       return dict(cert=certdump, key=keydump)
 
     # Not sure where to take this yet.
+    @identity.require(turbogears.identity.not_anonymous())
     @expose(format="json")
     def search(self, username=None, groupname=None):
         people = People.query.filter(People.username.like('%%%s%%' % username))