See here: https://community.igniterealtime.org/thread/53822

* simplified the UI
* added search for groups
* pagination for available groups

Summary page

- Fixed the problem with backward compatibility to user service 1.*

- Fixed the problem that authentication type was not saved

- New restfull API (see readme). The plugin is backward compatible.
- Added new requst to get all or specific users
- The user is now extendible with key / values properties
- Added new requst to get roster entries of a specific users
- Added new requst to get group names of a specific users
- Added new request to add user to a group or remove a user from a group

- Bug fix: Unable to join groupchat 

- Room user roles can now be added and removed individually

OF-840 BOSH <stream:features> does not include <register/>

OF-483 - JDBCUserProvider hardcodes searchSQL

Update StatsAction.java

The Server traffic statstics in quick stats are incorrect and inconsistent compared with All Reports page.
The problem is in the calculation of Low and High Values.
The StatsViewer.getMin() and getMax() will return two values for high and low for server_bytes_in and server_bytes_out respectively.
The StatsAction.getLowAndHigh(String key,  long[] timePeriod) does not take that into account and always precesses the first element in the array. Modified so that it sums the values of all the elements of the array.

OF-839 Forwarded extension should not overwrite extension namespaces of ...

Allow for custom lib and conf file placement. Jira OF-838

Bug: properties in openfire.xml not properly loaded in setup

MUC Service Plugin update to 0.2.1

- Creation and modification dates, are now optional
- Room user roles, are now optional
- Bug fix: As persistent specified room, will be now saved to DB

In setup, some of the host settings are loaded from XML properties specified in openfire.xml, while others are incorrectly loaded from whats currently in JiveGlobals. Since we are in setup mode, JiveGlobals.getProperty returns null thereby ignoring any property overrides in openfire.xml specified by the user.

Changelog: 
1. Instead of just blindly setting anonymous auth to true, check if user has an override property in XML configuration, if not, default to true.
2. Call getXMLProperty to load user configuration override values and not what is currently in JiveGlobals. During setup mode, this is always null.
3. Instead of setting default values for auth, user, group, card, lockout, securityAudit and admin class names, check if the user has provided overrides for those properties, and if so, use those, otherwise use defaults.
4. Expose a method to retrieve XML property names, and then in finishSetup, go through the rest of the XML properties overridden by user that were not touched by setup and individually set those. This is particularly useful when users have to specify primary and secondary * hybrid providers.

OF-834: Close Open_redirect

More S2S fixes

Fix for OF-835

- install ReadThrottleFilterBuilder into filter chains
- adjust SSLFilter positioning in chain so that ReadThrottleFilter works correctly

Kim 'Zash' Alvefur commented that an empty authzid in EXTERNAL wasn't working.

This patch adds this handling, and also changes authorization checks from a
domain.contains() to a domain.equals().

This now reassembles a URL from the path, query, and fragment supplied, and
ignores the scheme and network location portions entirely.

Thus http://www.google.com/foo redirects to /foo only.

Credit to Jonathan Bush, Security Consultant at
ProCheckUp http://www.procheckup.com

Added UTF-8 support for readme and changelog files

Fixed the issue that creates an empty line after each line of HTML code,
which can break the layout by using <pre>

This patch rewritten to avoid reformatting by Dave Cridland <dave@cridland.net>