MAGNOLIA-1522

Implement configurable authentication/callback mechanism together with LoginFilter


    • Improvement
    • Resolution: Fixed
    • Major
    • 3.1 M2
    • 3.1 M1
    • security
    • None

      Current problem:

      • Whenever we have to handle an additional login method (Basic, Form, etc.), we add it in SecurityFilter, making it impossible to introduce a new method
        without touching the existing code base.

      Thoughts:
      1)
      Implement LoginFilter responsible for login based on configured login handlers, something like:
      server->filters->login
      -> auth
      -> Basic - "implementing class"
      -> Form - "implementing class"
      -> NTLM - "implementing class"

      • Login filter will simply delegate to these handlers; one or more handlers can accept this request and perform login. This will allow replacing/adding any
        custom method without touching Magnolia code. Also, if needed, you can log in to other applications together with the Magnolia login (although this
        can be solved in different ways).

      2)
      Introduce "ClientCallback" as a property of SecurityFilter (any security filter extended from BaseSecurity)

      server->filters->URISecurityFilter
      -> callback - "implementing class"

      • Callback will tell the SecurityFilter what to do in case you are not authorized; you can have a callback which does "something", a callback
        which sends a login form to the client, or one which sends an error.

      I started working on this; if you have any suggestions or can see potential problems, please let me know.
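
      The delegation and callback split described in this ticket, as an added example that is not part of the original issue and not Magnolia's code. The type and method names, the `Status` result, the sample credentials and the response strings are assumptions; stopping at the first handler that returns a decisive result is also an assumption, since the ticket allows more than one handler to accept a request.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;

public class LoginChainDemo {
    enum Status { NOT_HANDLED, SUCCEEDED, FAILED }
    record Request(Map<String, String> headers, Map<String, String> params) {}
    interface LoginHandler { Status handle(Request req); }           // hypothetical name
    interface ClientCallback { String onUnauthorized(Request req); } // hypothetical signature
    // Constructed credential check standing in for the real user store.
    static boolean valid(String u, String p) { return "editor".equals(u) && "s3cret".equals(p); }
    static class BasicLogin implements LoginHandler {
        public Status handle(Request req) {
            String h = req.headers().get("Authorization");
            if (h == null || !h.startsWith("Basic ")) return Status.NOT_HANDLED;
            try {
                byte[] raw = Base64.getDecoder().decode(h.substring(6));
                String[] up = new String(raw, StandardCharsets.UTF_8).split(":", 2);
                return up.length == 2 && valid(up[0], up[1]) ? Status.SUCCEEDED : Status.FAILED;
            } catch (IllegalArgumentException e) { return Status.FAILED; } // malformed header
        }
    }
    static class FormLogin implements LoginHandler {
        public Status handle(Request req) {
            String u = req.params().get("user"), p = req.params().get("pass");
            if (u == null || p == null) return Status.NOT_HANDLED;
            return valid(u, p) ? Status.SUCCEEDED : Status.FAILED;
        }
    }
    // Login stage: delegate to the configured handlers in order. Bad credentials
    // end the chain, so a later handler cannot override a failed attempt.
    static Status login(Request req, List<LoginHandler> handlers) {
        for (LoginHandler h : handlers) {
            Status s = h.handle(req);
            if (s != Status.NOT_HANDLED) return s;
        }
        return Status.NOT_HANDLED;
    }
    // Security stage: anything short of a successful login goes to the callback.
    static String secure(Status s, Request req, ClientCallback cb) {
        return s == Status.SUCCEEDED ? "200 OK" : cb.onUnauthorized(req);
    }
    public static void main(String[] args) {
        List<LoginHandler> chain = List.of(new BasicLogin(), new FormLogin());
        ClientCallback sendForm = r -> "302 /login-form"; // constructed response
        Request form = new Request(Map.of(), Map.of("user", "editor", "pass", "s3cret"));
        Request bad = new Request(Map.of("Authorization", "Basic !!!"), Map.of());
        System.out.println(secure(login(form, chain), form, sendForm));
        System.out.println(secure(login(bad, chain), bad, sendForm));
    }
}
```

      Adding a handler such as NTLM means adding one class to the list passed to `login`; neither the chain loop nor the callback changes.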

              scharles Sameer Charles