I am trying to understand the reasoning behind the new factory added
for authentication mechanisms
Why not just allow the direct install of authentication mechanisms like
we did before in the DeploymentInfo?
I am unsure we need another level of indirection with this factory which
also has access to the FormDataParser. Basically, the specifics of FORM
authentication have sneaked into this factory. Many of the
authentication mechanisms do not even involve forms.