diff --git a/src/main/java/org/nrg/xnat/restlet/resources/PARList.java b/src/main/java/org/nrg/xnat/restlet/resources/PARList.java
index 87a479efd62bc5d64519e37a7dfdd651f5ae1f38..75c27470940d3e10a86c953be5117486a66eeeff 100644
--- a/src/main/java/org/nrg/xnat/restlet/resources/PARList.java
+++ b/src/main/java/org/nrg/xnat/restlet/resources/PARList.java
@@ -10,15 +10,15 @@
  */
 package org.nrg.xnat.restlet.resources;
 
-import org.nrg.xdat.security.helpers.Roles;
 import org.nrg.xft.XFTTable;
 import org.restlet.Context;
-import org.restlet.data.MediaType;
 import org.restlet.data.Request;
 import org.restlet.data.Response;
 import org.restlet.data.Status;
 import org.restlet.resource.Representation;
 import org.restlet.resource.Variant;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.util.Hashtable;
 
@@ -30,31 +30,27 @@ public class PARList extends SecureResource {
 	public PARList(Context context, Request request, Response response) {
 		super(context, request, response);
 		getVariants().addAll(STANDARD_VARIANTS);
-        if (!Roles.isSiteAdmin(user)) {
-            response.setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Only administrators can access the list of project access requests.");
-        }
 	}
 
 	@Override
 	public Representation represent(Variant variant) {
-		XFTTable table = new XFTTable();
-		Hashtable<String, Object> params = new Hashtable<String, Object>();
+		Hashtable<String, Object> params = new Hashtable<>();
 		try {
-			table = XFTTable
-					.Execute(
-							"SELECT par.par_id,par.proj_id,par.level,par.create_date,u.login, u.firstname, u.lastname,p.secondary_id,p.name,p.id,SUBSTRING(p.description,0,300) as description,pi.firstname || ' ' || pi.lastname FROM xs_par_table par LEFT JOIN xnat_projectData p ON par.proj_id=p.id LEFT JOIN xnat_investigatordata pi ON p.pi_xnat_investigatordata_id=pi.xnat_investigatordata_id LEFT JOIN xdat_user u ON par.approver_id=u.xdat_user_id WHERE LOWER(par.email)='"
-									+ user.getEmail().toLowerCase()
-									+ "' AND approval_date IS NULL", user
-									.getDBName(), user.getLogin());
+			final XFTTable table = XFTTable.Execute(String.format(PAR_QUERY, user.getEmail().toLowerCase()), user.getDBName(), user.getLogin());
+
+			if (table != null) {
+				params.put("totalRecords", table.size());
+			}
+
+			return representTable(table, overrideVariant(variant), params);
 
 		} catch (Exception e) {
-			e.printStackTrace();
+			getResponse().setStatus(Status.SERVER_ERROR_INTERNAL, "An error occurred attempting to access the project invitations.");
+			_log.error("An error occurred attempting to access the project invitations for user " + user.getLogin(), e);
 		}
 
-		MediaType mt = overrideVariant(variant);
-
-		if (table != null)
-			params.put("totalRecords", table.size());
-		return representTable(table, mt, params);
+		return null;
 	}
-}
+	private static final Logger _log = LoggerFactory.getLogger(PARList.class);
+	private static final String PAR_QUERY = "SELECT par.par_id,par.proj_id,par.level,par.create_date,u.login, u.firstname, u.lastname,p.secondary_id,p.name,p.id,SUBSTRING(p.description,0,300) as description,pi.firstname || ' ' || pi.lastname FROM xs_par_table par LEFT JOIN xnat_projectData p ON par.proj_id=p.id LEFT JOIN xnat_investigatordata pi ON p.pi_xnat_investigatordata_id=pi.xnat_investigatordata_id LEFT JOIN xdat_user u ON par.approver_id=u.xdat_user_id WHERE LOWER(par.email)='%s' AND approval_date IS NULL";
+}
\ No newline at end of file
diff --git a/src/main/java/org/nrg/xnat/security/provider/XnatDatabaseAuthenticationProvider.java b/src/main/java/org/nrg/xnat/security/provider/XnatDatabaseAuthenticationProvider.java
index ed43dced4e736e214850a880b8cf955ab34e94e4..085bd95ec7b211d353d970e14718a4bc54c5f811 100644
--- a/src/main/java/org/nrg/xnat/security/provider/XnatDatabaseAuthenticationProvider.java
+++ b/src/main/java/org/nrg/xnat/security/provider/XnatDatabaseAuthenticationProvider.java
@@ -10,6 +10,7 @@
  */
 package org.nrg.xnat.security.provider;
 
+import org.nrg.xdat.XDAT;
 import org.nrg.xdat.services.XdatUserAuthService;
 import org.nrg.xft.db.PoolDBUtils;
 import org.nrg.xft.security.UserI;
@@ -79,7 +80,7 @@ public class XnatDatabaseAuthenticationProvider extends DaoAuthenticationProvide
             throw new AuthenticationServiceException("User details class is not of a type I know how to handle: " + userDetails.getClass());
         }
         final UserI xdatUserDetails = (UserI) userDetails;
-        if ((_requireEmailVerification && !xdatUserDetails.isVerified() && xdatUserDetails.isEnabled()) || !xdatUserDetails.isAccountNonLocked()) {
+        if ((XDAT.verificationOn() && !xdatUserDetails.isVerified() && xdatUserDetails.isEnabled()) || !xdatUserDetails.isAccountNonLocked()) {
             throw new CredentialsExpiredException("Attempted login to unverified or locked account: " + xdatUserDetails.getUsername());
         }
         super.additionalAuthenticationChecks(userDetails, authentication);