Delegates the authentication to a custom script. This is useful if you need to plug into a custom authentication scheme, but don't want to write your own plugin.

Each time the authentication is attemped, the specified script will be invoked with the username in the 'U' environment variable and the password in the 'P' environment variable. If the script returns exit code 0, the authentication is considered successful, and otherwise failure.

In case of the failure, the output from the process will be reported in the exception message. This security realm has no concept of 'groups'.