#28 better extensibility

[nicolas de loof]

Enhancement request :

Current filter implementation use a monolithic doFilter
method. It would be great to cut it into more
fine-grained protected methods that may be customized
for application specific usage. For example, an
application could add support for authenticationEvents.
As an implementation example, consider Struts
requestProcessor : a base method calls N specialized
methods.

Here's some suggestion :

- requiresProcessing() // Check for already processed
- wrapRequest() // save orginial and wrap request
- processLogout()
- processLogin()
- getConstraints() // get matcher and constraints
- checkSecurity() // Check roles

It would be also great for authenticator to be
plugable. Current factory only use hard-coded impl. It
may be usefull for some apps to define a plugable
authenticator, using some context param for
authenticator classname. Just add
"
} else if
(HttpServletRequest.CUSTOM_AUTH.equals(authMethod)) {
// CUSTOM
String clazz = securityConfig.getAuthClassName();
authenticator =
Class.forName(clazz).newInstance();
"