Planned Features:
- ssl security 
  - further research on keystore and crypto connection delivery
  - http://docs.codehaus.org/display/JETTY/How+to+configure+SSL
- basic authentication integration
  - basic auth works well with jetty
  - uses realms, which when provided allow access
  - built up test auth manager
  - problem is that the auth needs be done only when required, and then
    must have finer grain than role
    - can't tightly integrate
  - can make it go:
    - security api stays as is, checks against user in session
    - if check fails, redirect to secure servlet handler (with requested url as param)
      handler is defined to require basic auth
    - after basic auth, fetch user and auth via security api, populate security roles
      and set in session (as currently done)
    - return principal with role
    - next time a request comes, the user is in session, so no redirect.  basic auth user
      that jetty knows about does nothing, but says, yes this is a valid user.
  - should work without problem

Implemented Features:
- app to scan for and dump service class names to build/services file
- scan for services file as resource and auto-load into service manager
  - done in service manager init