Authorization Resource

More code.  This time, with tests.  :)

There are two classes in the parcel along with a test class.  
AuthorizationResource is an abstract superclass; it should be easy to
create your own subclass that does authorization in whatever way you
want.  ACLResource is a subclass that reads login,password pairs from a
file.

This guy depends on the session stuff that I sent out earlier.  It uses
the session to store the authorizedLogin between requests.

To test this out, create a file called "test.acl" that looks like this:

ken,test
joe,gemstone
janko,aida
jerry,dolphin

That'll set you up to be able to login as ken (with password "test"),
joe (with password "gemstone"), etc.  Then, use a site configuration
like this:

<CompositeResource stringUriPattern: '/'>
<CookieSessionResource new>
  <ACLResource stringUriPattern: 'auth' listFile: 'test.acl'>
  <HelloWorld stringUriPattern: 'hi'>
  </CompositeResource>
</CompositeResource>
</CompositeResource>

Then, browse to <site>/auth/hi.  Your first hit will ask you to login;
subsequent hits will display the HelloWorld message.

I'm getting excited about this stuff; and I think this framework could
really work.  I've now got just about everything I need to build my
customer's site in Swazoo.  Things should go pretty quickly from here.


Ken Treis
[hidden email]