}
}
public boolean checkAuthorisation( HttpManager manager, Resource resource, Request request ) {
log.trace("checkAuthorisation");
AuthStatus authStatus = checkAuthentication( manager, resource, request );
// a null authStatus means that no authentication was attempted, eg an anonymous request
// it is up to the implementation to decide whether or not to allow anonymous access
// however a failed login must always be rejected
if( authStatus != null && authStatus.loginFailed ) {