Permission denied page should mention logging in if not logged in.

[pfnguyen@…]

There are many privileges I revoke from anonymous but grant to authenticated.

Permission Denied

TICKET_CREATE privileges are required to perform this operation 

When a user is not logged in and encounters the permission denied page it is not obvious that the person could log in and attempt to view the page.

Currently, not all users in my organization are trained to use Trac, however we have a single-sign-on setup and Apache/Trac supports that. Thus all users in my organization can log in to trac.

When a new user comes to trac (and I point them at /newticket or something) they get a permission denied message and don't know what to do next. Instead, maybe we could have a message that looks like:

Permission Denied

TICKET_CREATE privileges are required to perform this operation 

You are not logged in, please :login: and try again.

And with the 2nd attempt (if it still fails), present the message that the user logged in does not have the required ACL. Something like:

Permission Denied

TICKET_CREATE privileges are required to perform this operation 

Your login, $REMOTE_USER, does not have the required permissions.
[perhaps list the permissions granted here as well]