[Twisted-web] Basic HTTP auth?

[Phil Mayers]

Ok, I'll admit it, I'm baffled. The plethora of objects (realm, avatar, 
checker, mind) in twisted.cred has me stumped, even more so when it 
comes to restricting a portion of a Nevow website.

What I'd like to do is check passwords (supplied in an HTTP Basic auth 
manner) out to the Cyrus SASLauthd unix socket.

class saslauthd(protocol.Protocol):
     # code to talk to saslauthd via unix socket
     # and binary protocol goes here...
     def authenticate(self, username, password):
         d = defer.Deferred()
         self.queue(username, password, d)
         return d

...however, though I can monkey-copy the code for something like 
guarded.py in examples/ I don't really understand it, which is a recipie 
for distaster, much less extend it with (I think?) my own checker; and 
the examples all use nevow.guard which appears to be cookie based.

Can anyone provide a simple explanation of what I'd need to do to a page 
to make it and its children require HTTP basic auth, which is handled 
via my own auth function/class?