switch to oauth2 authentication which allows facebook, twitter, google
etc authentication

add spring-test and junit
add jetty plugin which allows mvn jetty:run

redirection

include config.properties.example and let override values by
config.properties
cas spring security configuration adjustments 

A session will be returned if one of the following cases are true:
* the session is active
* the session is inactive AND current (logged in) user is the creator

This should send a generated random username to the client that is valid
for the current HTTP-Session.

* Added session controller with method to get session by id
* Created session class to be used as entity object
* Created session service class and interface
* Added content negotiation view resolver to map entity objects to JSON

add servlet-api as provided dependency

This tells the servlet container to add the correct mime type if sending
any files with the extension 'manifest'.

This project is now under GPLv3 license

With this patch, there is no need to checkout dojo-war git repository
or having dojo-war project in local eclipse anymore.

In local environment the principal must be casted to User object but in
production environment the username is represented as String in principal
object.

With this patch the application will try a cast to User object, if this
fails, it will do a cast to String - which holds the OpenID identifier.

This is needed if using index.html instead of developer.html