API specification.

compatibility with third party frontends.

the header being present (e.g. with IE).

With this changeset the spring servlet configuration is separeted from the
application configuration. This will result in a main context and a servlet
context, holding only spring mvc information.

This change has a very nice side effekt: Spring AOP beans will be loaded
only once in application context, not a second time in mvc servlet context.

All relevant information about users (e.g. session mebership) are
accessible via UserService.
The method IUserService::getCurrentUser provides information about
the actual logged in user. If no user is logged in, this method will
throw a UnauthorizedException which will end up in 401 HTTP error.

This patch uses AbstractController class to add exception handlers
into controllers. These handlers are used to detect some runtime exceptions
which can be thrown in any layer e.g. DAO or service layer.
They recognize NotFoundException and ForbiddenException. Test classes are
able to check if any of these exceptions are thrown during runtime.

user gets back to the right arsnova

leiten

* Make guest login working with new UserService
* Reuse existing guest username
* Adapted tests

switch to oauth2 authentication which allows facebook, twitter, google
etc authentication

This should send a generated random username to the client that is valid
for the current HTTP-Session.

This project is now under GPLv3 license

In local environment the principal must be casted to User object but in
production environment the username is represented as String in principal
object.

With this patch the application will try a cast to User object, if this
fails, it will do a cast to String - which holds the OpenID identifier.