Review authentication/authorization architecture #13

@amanteaux

The current authentication architecture in the module plume-admin-security is tightly coupled to Plume admin. This makes implementing an authentication system outside Plume admin difficult.
Moreover, the "authentication SDK" is difficult to use:

  • It seems tightly coupled with Jersey
  • The class SessionWs is present in the module plume-admin-ws whereas a lot of code in this class must be reused to implement a custom authentication
  • The code is not very modular: it is often required to override multiple classes to implement a custom authentication, like SessionWs, and it is complicated for the same project to provide multiple authentication systems

Ideally:

  • All the authentication code should be in a plume-authentication module, and maybe a plume-authentication-jwt module
  • plume-admin-security would only contain code to customize plume-security for Plume Admin (and maybe be renamed plume-admin-authentication)
  • Full documentation would be written before any development to make sure that it would be easy to use
  • A sample would be implemented in https://github.com/Coreoz/Plume-showcase where we would see how to implement a custom authentication system next to the Plume admin authentication system
