Permit plugins to implement AllRequestFilter

If a plugin extends AllRequestFilter and binds it as a member of the
DynamicSet, the plugin can filter any HTTP request that passes through
the server. This allows a monitoring plugin, or an access control
plugin, to glue in very early in the serving pipeline and see all
requests.

The plugin point is after the RequestContextFilter configures the Guice
environment used by Gerrit, but before any user authentication can
happen. An access control plugin might be able to reject connections
based on remote IP address, or client side SSL certificate, but cannot
rely on Gerrit user information.

If multiple plugins register implementations, the order they are
invoked is currently undefined. The likely order is derived from
the sorting of the names in the plugins/ directory, but we don't
promise any ordering.

Change-Id: I8709373379ec09e79502f67446b8a7b805e8cec7

gerrit-war/src/main/java/com/google/gerrit/httpd/WebAppInitializer.java

@@ -224,6 +224,7 @@ public class WebAppInitializer extends GuiceServletContextListener {
   private Injector createWebInjector() {
     final List<Module> modules = new ArrayList<Module>();
     modules.add(RequestContextFilter.module());
+    modules.add(AllRequestFilter.module());
     modules.add(sysInjector.getInstance(GitOverHttpModule.class));
     modules.add(sshInjector.getInstance(WebModule.class));
     modules.add(sshInjector.getInstance(WebSshGlueModule.class));