The webapps.todo vocabulary wraps all of its responders in a protected responder. The description slot is set so that the login page contains the message "You must log in to view your todo list":
<protected>
"view your todo list" >>description
The webapps.wiki vocabulary defines a mix of protected and unprotected actions. One example of a protected action is that for deleting wiki pages, an action normally reserved for administrators. This action is protected with the following code:
<protected>
"delete wiki articles" >>description
{ can-delete-wiki-articles? } >>capabilities
The websites.concatenative vocabulary wraps all of its responders, including the wiki, in a login authentication realm: