Add documentation for form_login handlers

[samsch]

In the security reference, under form_login there are success_handler and failure_handler keys which can be set to services. There doesn't seem to by any other documentation about this functionality.

What needs to be documented:

• What interfaces to implement (AuthenticationSuccessHandlerInterface, AuthenticationFailureHandlerInterface)
• When these handlers are called (immediately after login success, I assume)
• Whether there is a default (yes), and whether you are replacing this default or adding an additional listener (replacing, I think)
• Basic example of usage

My basic example of usage is to add a cookie to the default redirect response. To do this, I extend the DefaultAuthenticationSuccessHandler, override onAuthenticationSuccess to call the parent and get the response, modify the response, and return it.

[linaori]

Closely related to #5139.

[samsch]

Looks like logout.handlers also needs this documentation. Should that be a new issue, or just leave it here?

logout.success_handler has a note in the book pointing you to the correct interface to implement, which in theory should be enough information to use it. At the same time, if you already have the other handlers all in one place, it would hurt to have it too.

[linaori]

It basically comes down to needing a full block for the firewall configuration with proper explanation. I noticed the user_checker configuration is also missing for the firewalls.

[javiereguiluz]

Thanks for reporting this! It's true that this is missing, but I'm closing this issue as a duplicate of #4258.