Get rid of some more testing dependencies in AccessControl by moving integration tests into higher level packages

- Full test coverage for ZPublisher.WSGIPublisher.

- Add 'add_user' script and finder help, borrowed from 'repoze.zope2'.

- Add call to 'setDefaultSkin(request)' to fix view lookups.

- Override the 'write' method in 'WSGIHTTPReponse' to avoid inappropriate
  stringification, allowing things like the Plone resource registry to work
  properly.

- Defer closing the request until the transaction commits, if and only if
  we know that middleware is handling the transaction.

- Make the WSGI publish function deal with three special cases:
  
  - App returns a file-like object as the response body (keep the app from
    stringifying it).
  
  - App raises an Unauthorized exception (just set the response status, to
    let middleware handle issuing a challenge).
  
  - App raises a Redirect exception (just call redirect on the response).

- Adapt test code to the new signature of 'HTTPResponse._cookie_list',
  which now returns a list of two-tuples, rather than rendered strings.

- Get quickstart page rendering under plain paste config.

- Make WSGIResponse.__str__ raise and exception, preventing an
  'attractive nuisance.'

  The real logic is in finalize and listHeaders now, and the publish*
  functions call those directly.

- Move finalization logic out of HTTPResponse.listHeaders.

- Refactor WSGIHTTPResponse to avoid the need to use str() and parse.
  
  o Instead, compute status and headers directly.
  
- Chop out error and transaction handling from the 'publish*' functions:
  the point of doing WSGI is to move that stuff out of the application,
  and out into middleware.
  
- One backward incompatibility:  the special "shutdown" behavior is gone
  here.  It should be replaced by something in view code.

- Factor out computation of the list of response headers from stringifying
  them, allowing WSGIHTTPResponse do reuse them as tuples.

- Chop out copy-and-paste fossils irrelevant to WSGI publication.

- Replace contorted logic for case-normalizing response headers with
  idiomatic Python.

- More PEP8 conformance.

- Start test coverage for WSGIPublisher.

- 100% coverage for 'ZPublisher.HTTPResponse'.

- Stop dancing the status / errmsg into / out of the headers list -- they
  aren't "headers" in any practical sense.

- Conform to PEP 8.

- Normalize imports, avoiding BBB import names.

  debugger still referred to the toplevel module ``Zope``, which was
  renamed to ``Zope2`` a long time ago.

  views.