Add security service for managing security related objects

There is a lot of code duplication in our code base for dealing with accessing security related information in the repository. For instance checking whether a user is a member of a group, checking whether the user is a system user or if the user has a certain role in a given domain, etcetera. We need a repository security service obtainable and scoped to a session that can be used to obtain such information. Note that because the service will be scoped to the session, access control is done on the operations exposed by the service: if the session is not granted jcr:read privileges on the user node it wants to access it will not be able to see the corresponding user, etc.

The interface is expected to grow over time. We will start out with a few basic and simple operations that cover our immediate use cases: get a user by id, get a group by id, get a list of all users, get the group memberships of a user, etc. In the long run, we may progressively add functionality to the service to reduce our technical debt in this area.