* Allow the URL a user is sent to after logging out to be customised
This is required for any authentication system that has a magic URL for logging out (e.g. /Shibboleth.sso/Logout).
* Allow auth plugins to return a username
This is a bit cleaner than the current auth flow, which special cases e.g. http authentication
* Add some tests, defaults and documentation
* Add single sign-on authentication mechanism
* Make HTTPAuth use the authExternal/getExternalUsername methods
* Add to acknowledgements
* Add reset method to Auth