Details
Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Fix Version/s: Auth Core 1.0.6
Description
Currently the DefaultAuthenticationFeedbackHandler.handleRedirect and AbstractAuthenticationHandler.sendRedirect methods do not apply any validity checks on the requested redirect target.
We should apply some checks to ensure a valid target is accessible within the Sling application. If the target is not valid, the methods would redirect to the servlet context root path – obeying the contract for redirecting the client but not necessarily to the desired target. In any case an ERROR level message is written to the log indicating why the redirect target is not being honoured.
This check should be made available to AuthenticationHandler implementations such that they may apply checks to their own redirects.
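As an added illustration of the check described above (written for this page; it is not the Sling Auth Core code, and the class and method names `RedirectTargetCheck`, `rejectionReason` and `sendRedirect` are assumed), the following shows a shape-only validation of a redirect target against the servlet context, with the fallback to the context root and the ERROR log line. Only the Servlet API and slf4j calls are real. It does not verify that the path resolves to an existing Sling resource; that would need the request's `ResourceResolver` and is left out here.

```java
import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Example redirect-target validation written for this page; it is not the
 * Sling Auth Core implementation and its names are assumed.
 *
 * A target is honoured only if it is a plain absolute path inside this
 * servlet context. Anything else (another host, a scheme, a header-splitting
 * CR/LF, a ".." segment) is rejected and the client is sent to the context root.
 */
public final class RedirectTargetCheck {

    private static final Logger log = LoggerFactory.getLogger(RedirectTargetCheck.class);

    private RedirectTargetCheck() {
    }

    /**
     * Returns null when the target may be used as a redirect location,
     * otherwise a short reason suitable for the ERROR log line.
     *
     * @param contextPath value of HttpServletRequest.getContextPath(): "" for the
     *                    root context, otherwise "/name" without a trailing slash
     * @param target      redirect target supplied by the client (e.g. a "resource"
     *                    request parameter)
     */
    static String rejectionReason(String contextPath, String target) {
        if (target == null || target.isEmpty()) {
            return "target is empty";
        }
        // CR or LF would let the client split the Location header
        if (target.indexOf('\r') >= 0 || target.indexOf('\n') >= 0) {
            return "target contains CR or LF";
        }
        // Anything not starting with "/" is relative or carries a scheme
        // ("http://...", "javascript:...") and may leave the application
        if (target.charAt(0) != '/') {
            return "target is not an absolute path";
        }
        // Browsers treat "//host/..." and "/\host/..." as protocol-relative URLs
        if (target.startsWith("//") || target.startsWith("/\\")) {
            return "target is a protocol-relative URL";
        }
        // Only the path part matters for the remaining checks
        int end = target.length();
        int q = target.indexOf('?');
        int h = target.indexOf('#');
        if (q >= 0) {
            end = q;
        }
        if (h >= 0 && h < end) {
            end = h;
        }
        String path = target.substring(0, end);
        // Reject ".." segments (plain or percent-encoded) rather than normalising them
        for (String segment : path.toLowerCase().split("/")) {
            if (segment.equals("..") || segment.equals("%2e%2e")
                    || segment.equals(".%2e") || segment.equals("%2e.")) {
                return "target contains a parent directory segment";
            }
        }
        // Must stay inside this servlet context ("/app" must not accept "/application")
        if (!contextPath.isEmpty() && !path.equals(contextPath)
                && !path.startsWith(contextPath + "/")) {
            return "target is outside the servlet context " + contextPath;
        }
        return null;
    }

    /**
     * Redirects to the target if it passes the check, otherwise to the servlet
     * context root, logging at ERROR why the requested target is not honoured.
     */
    public static void sendRedirect(HttpServletRequest request, HttpServletResponse response,
            String target) throws IOException {
        String contextPath = request.getContextPath();
        String reason = rejectionReason(contextPath, target);
        String location = target;
        if (reason != null) {
            log.error("Redirect target '{}' is not valid ({}); redirecting to the context root",
                    target, reason);
            location = contextPath.isEmpty() ? "/" : contextPath + "/";
        }
        response.sendRedirect(location);
    }

    /** Runs the check over a few constructed targets for a context path of "/app". */
    public static void main(String[] args) {
        String[] samples = { "/app/content/page.html?foo=bar", "/app", "/application/x",
                "/app/../etc/passwd", "//evil.example/app", "http://evil.example/",
                "/app/x\r\nSet-Cookie: a=b" };
        for (String s : samples) {
            String reason = rejectionReason("/app", s);
            String shown = s.replace("\r", "\\r").replace("\n", "\\n");
            System.out.println((reason == null ? "OK      " : "REJECT  ") + shown
                    + (reason == null ? "" : "  (" + reason + ")"));
        }
    }
}
```

An AuthenticationHandler that issues its own redirects would call the same `rejectionReason` check before `response.sendRedirect`, so the fallback and log message stay consistent with the core handlers.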