OF-1092: Pluggable SASL mechanism

A bit of rework of the SASL implementation. Pushed implementations to Java
Provider where this was not done before. When SASL fails, it is useful to be
able to add some context to the failure. To do this,
javax.security.sasl.SaslException is subclassed.

Outcasts should not be allowed to register with room.

Update Chinese Simplified translation (OF-1088)

OF-1095: Improve plugin (un)loading related logging

OF-1098: Anonymous user login should be disabled by default.

This commit adds more structure to the logging done when loading and unloading
plugins.

The plugin manager was adapted to create log statements for loading and unloading
each plugin. It also logs to std-out for log statements of priority INFO and above.
This mimics what some (but not all) plugins were doing internally.

There's an added log statement that informs that the loading of the entire set of
plugins has finished (which helps users to determine when Openfire is ready to be
used).

Corresponding log statements from individual plugins have been removed.

OF-1094: Allow reset of UserProvider

Some user providers might not provide a creation date for each user. There's no
reason that the Admin Console should not be able to cope with that.

When the property provider.user.className is set, a new UserProvider will be initialized.
Openfire should revert back to the default provider when that property is deleted.

Admin Console: prevent NPE on missing user creation date.

Some user providers might not provide a creation date for each user. There's no
reason that the Admin Console should not be able to cope with that.

With the current implementation, any user can send the register IQ to register with
a room as a 'member'. This also allows outcasts, that were banned from a room, to be
able to register again as a member, and eventually re-join the room. The solution is
to prevent outcasts from registering with the room.

OF-1087: Default namespace handling in BOSH.

In dom4j, the default namespace of an element cannot be set by adding
a namespace that has an empty-string prefix. Although the string
representation of the element will be correct, that namespace is not
being recognized as the default namespace of the element (instead, it
is a namespace like any other prefixed namespace, to be used in child
elements).

The original code depends on a whitespace to be present within the limits
of the element. This is not safe (eg: <message><foo/></message> fails).
Instead, the closing characters ( > or /> ) of the first element should
be used, as that's guaranteed to be present.

A change introduced in Openfire 3.10.3 (OF-938) changed how the BOSH
implementation would add default namespace definitions where applicable.
This new implementation depends on a space from being present in the
outer stanza. The 'fin' element that's transmitted here is wrapped in
a message stanza without any attributes ( <message><fin ... ) which
caused the namespace to be injected in the fin element (where the first
space was).

This commit adds a 'to' attribute to the wrapping message stanza, to
allow for users to work around the problem without having to update
Openfire itself.

The BOSH implementation will be adjusted to account for this in another
commit.

Cannot join room in a cluster after an availability update.

NullPointerException in RoutingTableImpl.

Allows dynamic setting of disco info handler and disco items handler …

OF-954: Cleanup MUC rooms for defunct node

OF-462 PEP should process IQ-gets that have no 'to' attribute.

Fix unicode read on input

When a room occupant sends an availability update to a host in an
Openfire cluster, other users cannot join the room from other hosts in
the cluster. The availability update causes the other hosts to lose an
occupant's role and affiliation. New occupants encounter an NPE when
joining and are prevented from joining the room. Specifically, the NPE
occurs when Openfire attempts to send initial presences for current
occupants.

Remote hosts in the cluster lose the occupant's association because the
local room simply broadcasts the presence packet for the occupant's
availability update. Because it is from the client, this packet does not
have the occupant's role or affiliation. The remote hosts treat the
presence packet as the occupant's presence without modification.

This fix changes the order in which Openfire handles an availability
update. First, it updates its local view of an occupant's presence. This
populates the correct association. Then, it broadcasts the updated
presence to remote hosts in the cluster.

In the current read scheme for Openfire, it is possible that due
to variable width encoding that we sometimes only create a
string with a partial character.

This breaks the message text and causes encoding issues when read.

This change modifies the way the characters are
read to use an bytearrayoutputstream and
only do the string conversion once.

Since we only do the string creation once after the full
buffer is read, we no longer have encoding
issues with broken unicode characters.

In #routeToComponent, it is first checked if the component is being hosted in the local JVM. If it was not found, then all nodes in the ComponentsCache are checked to find if the component is hosted by one of those. In this process, the local routing table is again searched for the component, because it may have been added after the previous check. However, after this search, there is no null check done for the searched route. This results in an NPE when the component was not found locally and the #process(packet) method is called on the object. 

This also prevents the code from searching other nodes that may have been in the nodes set. Added a null check to prevent this scenario.

This way, plugins can swap in and out the handler.

XEP-0016 error messages should set correct from attribute (the sender).

See XEP-0016, example 50.

Patch submitted by community member lukzie.

OF-1063: Prevent TimerThread from exiting

Do not allow TimerThread to exit when the server becomes heavily loaded,
preferring instead to use the caller's thread to execute a scheduled
task when needed. This may result in a temporary slowdown, but is better
than a hard failure which requires a restart of the server.

OF-1057: Upgrade Jetty to 9.2.14

This commit moves jetty 9.2.9 to 9.2.14, which currently is the
latest release of it 9.2 branch.