Right now, RestAPI plugin provides two option for accessing its
endpoints:
# Basic authentication: uses username and password of an existing
Openfire admin accoount
# Secret key: uses for authentication a key defined in the Openfire
Admin console.

It may be really useful to provide the option to define another Filter
as the authentication mechanism to use for accessing the plugin' Rest
service given its fully qualified class name.