When enabled via config.json, unauthenticated web users are
automatically redirected to the homeserver's SSO provider on page load,
bypassing the homeserver picker UI. Uses full-page redirect with
localStorage token recovery to avoid browser popup blocking.
Requires defaultHomeserver to also be set in config.json.
