This provides smaller and cleaner Interfaces for each context.

This checks if there is a user in current security context. If not, an
UnauthorizedException is thrown which will result in HTTP - 401.

This patch uses AbstractController class to add exception handlers
into controllers. These handlers are used to detect some runtime exceptions
which can be thrown in any layer e.g. DAO or service layer.
They recognize NotFoundException and ForbiddenException. Test classes are
able to check if any of these exceptions are thrown during runtime.

Old tests are ignored because they allways fail with unknown reason.
The new tests are very simple and there is a lot of work to be done to
have a fully tested application.

This method uses transaction level READ_COMMITTED.

* Added session controller with method to get session by id
* Created session class to be used as entity object
* Created session service class and interface
* Added content negotiation view resolver to map entity objects to JSON