Support auth.type = CUSTOM_EXTENSION

This new auth type configures the web UI similar to the way HTTP
works, allowing the UI to redirect sign-in requests through the
/login/* URL and sign-out requests through /logout.

No URL handlers are installed in the application for this type
of authentication system. Instead it is assumed additional code
has been injected into the same environment via Guice to handle
the authentication. This is currently a very advanced usage of
Gerrit Code Review's server and is not recommended for most
site administrators, so the type is not documented at this time.

This change is a first step towards supporting other types
of user authentication, with the idea of eventually having
a plugin system to permit other third party authenticators.

Change-Id: I95fcbfc6f486513f7c7105a1b7005ab78b1f4073
Signed-off-by: Shawn O. Pearce <sop@google.com>

gerrit-server/src/main/java/com/google/gerrit/server/account/DefaultRealm.java

@@ -21,7 +21,7 @@ import com.google.inject.Inject;
 import java.util.Collections;
 import java.util.Set;
 
-public final class DefaultRealm implements Realm {
+public class DefaultRealm implements Realm {
   private final EmailExpander emailExpander;
   private final AccountByEmailCache byEmail;
 

gerrit-server/src/main/java/com/google/gerrit/server/config/AuthConfig.java

@@ -140,6 +140,7 @@ public class AuthConfig {
       case LDAP:
       case LDAP_BIND:
       case CLIENT_SSL_CERT_LDAP:
+      case CUSTOM_EXTENSION:
         // Its safe to assume yes for an HTTP authentication type, as the
         // only way in is through some external system that the admin trusts
         //

gerrit-server/src/main/java/com/google/gerrit/server/config/GerritGlobalModule.java

@@ -127,6 +127,9 @@ public class GerritGlobalModule extends FactoryModule {
         install(new LdapModule());
         break;
 
+      case CUSTOM_EXTENSION:
+        break;
+
       default:
         bind(Realm.class).to(DefaultRealm.class);
         break;