Initial implementation of the Authorization Manager. Right now it doesn't control artifact access because the data files haven't been designed. There is a setting in api.properties that will turn on info messages so you can see it in action.