Cosmo ticket tests

Several of the functional tests for tickets are currently failing:

bcm@bcm:~/work/osaf/cosmo/src/test/functional/HTTPTest > python cosmo_ticket.py
host localhost port 8080 recurring 10 path /cosmo
startingTest Setup Accounts
startingTest OK (read-only)
startingTest OK (read-write)
startingTest Bad XML
startingTest No XML body
startingTest No access privileges
startingTest No access privileges, no body
startingTest No such resource, no body
startingTest No such resource
startingTest No access, no such resource
startingTest GET with OK ticket
startingTest GET with read-write ticket
startingTest GET with nonexisting ticket
startingTest  PUT with read-only ticket
Failure :: Test Status Code Check on 403 :: expected 403 ; received 401
startingTest PUT with nonexisting ticket
startingTest PUT with read-write ticket
Failure :: Test Status Code Check on 201 :: expected 201 ; received 401
Failure :: Test Status Code Check on 204 :: expected 204 ; received 401
startingTest DELETE with read-only ticket
Failure :: Test Status Code Check on 403 :: expected 403 ; received 401
startingTest DELETE with nonexisting ticket
startingTest DELETE with read-write ticket
Failure :: Test Status Code Check on 204 :: expected 204 ; received 401
startingTest GET deleted file
Failure :: Test Status Code Check on 404 :: expected 404 ; received 401
startingTest No access
startingTest OK (No Content)
startingTest Ticket does not exist
startingTest Ticket does not exist, body
startingTest Ticket does not exist, resource does not exist
startingTest Ticket does not exist, resource does not exist, body
startingTest Try to delete an already deleted ticket
startingTest Mismatched ticket in URL and header
Failures :: 6
Passes :: 33
Total tests run :: 39

The failures are due to the fact that tickets are not being inherited from parent resources. When Cosmo gets PUT /home/cosmo-test/asdfjkl?ticket=blahblah, it attempts to look up that ticket on that resource. If the resource does not already exist, then Cosmo throws an AuthenticationException which Acegi Security translates into a 401 response. What used to and should still happen is that when that resource doesn't exist, its parent is checked for the ticket, and if the parent doesn't exist, its parent, and so on up to the user's home collection. In the example, if the given ticket was good for /home/cosmo-test/, then the request would proceed instead of returning 401. Bug 6767 tracks the issue.