Not sure we should make the front page login-required, that way we can't even show what this thing is about. I understand that for quick&dirty prototype we just need a login, but actually we need a permission model that redirects to the login page (and back after login) when it's necessary.
Currently without the debug trace view it's not possible to use any of that, so it's not discoverable and thus Doesn't Exist(tm). If this piece isn't required to run the server, let's ditch it (only log-in is in the user story).
I updated acceptance criteria for #72 so we can focus on code review in the code.
We didn't say "exactly and only this software" :) I tried including that caveat but it's really cumbersome, and I want it to be concise at this point.