Reverting some changes made with PR #239. by enabling the custom socket factory.  Added the use of Comparator per http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/jndi-ldap.html#pooling
  for connection pooling

Improves GroupAwareMap and GroupAwareList implementations by caching
group names (in lieu of group instances) that are referenced in the
corresponding collection. This enables rapid group retrieval from
primary cache where applicable.

Fixes caching issue which prevented users from joining MUC rooms in
certain cases.

OF-918: BOSH should use UTF-8 character set.

Address XSS issues in admin console and monitoring plugin

A number of stored XSS issues were found by Dean Hardcastle during testing of
the monitoring plugin's admin console. These include cases where chatroom
nicknames and message text are not adequately escaped.

Denote Openfire 3.10.2 Release

See http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/jndi-ldap.html#pooling

LDAP Connection Pooling is disabled when using a custom ssl socket. The custom
socket was used to accept unsigned/untrusted/expired ssl certs. I removed the
use of the custom socket, and also added the required system property to enable
connection pooling when using SSL, which was missing.

Rollback of this commit for OF-421:
https://github.com/igniterealtime/Openfire/commit/89c06a88d75e15d36ce7f6ace88bbf5c71fb08df

The inputClosed method was added during troubleshooting for MINA 2.0.9
and can be removed now that we have downgraded to 2.0.7.

Openfire 3.10.1 Release

Prevent sessions in admin console from showing UnknownHostException

OF-889: Added try-catch blocks to the various JSP pages where Session.getHostName or Session.getHostAddress is called to prevent the Sessions tab from showing UnknownHostExceptions when there are bad client sessions laying around

Address current problems in 3.10

Where the session is part-closed, these can throw NPE due to getRemoteAddress()
returning null. This sledge-hammers the problem away.

Addressing DIRMINA-1012

Do not synchronize on isClosed()

There is a deadlock while reading the state variable if close() is running.

This switches the state to be volatile instead - it's only written to inside
the lengthy close() lock, so this should be reasonable.

Openfire 3.10.1 Release Candidate

By closing a session when the new MINA inputClosed() handler is triggered, we run
the risk of sending data to the peer. As that peer is known to be dead, this is
pointless (and potentially dangerous - deadlocks have been observed that are likely
related to this scenario).

To prevent sending data during session closure, the close() method has been
overloaded with an argument that indicates if the peer is known to be dead. When
set, its implementation will not attempt to send data.

Currently, only stanzas containing errors of type cancel will cause the
occupant to be removed, however this doesn't appear to catch and remove many
occupants in practise.

This patch therefore removes occupants from the service on any message or
presence error stanza, irrespective of the error type. IQ stanzas do not
trigger the same response, as these may be due to lack of client support
rather than a vanished occupant.

The close listeners should not be called from within a synchronized block.

When a connection is closed, several events can be involved (and can be triggered).
Some of these events will attempt to close the connection (if it hadn't been already).
This, at best, least to multiple invocations of close-listeners. At worst, a loop of
close-calls is created.

This commit replaces the two-way boolean that guards closure (isClosed) with a
three-way guard. Now, a distinction is made between between a connection that is
closed, and one that is closing.

Additionally, some null pointer guards have been added, as I've seen those pop up in
my local logs during development.

MINA 2.0.8 introduces support for half-duplex close of TCP channels (see DIRMINA-785).
As part of this change, IoHandlers got a new method. The default behavior of the
IoHandlerAdapter closes the MINA session when this handler is triggered. However,
without an Openfire-specific extension (in ConnectionHandler), this fails to close
Openfire-maintained resources. As a result, CPUs could start to spin in NIO code,
resulting in 100% CPU cycles.

To fix this issue, ConnectionHandler now overrides the default functionality and
triggers a normal closure of the session (both in Openfire as well as MINA context).

Additionally, to prevent the CPU spin, MINA sessions need to be closed synchronously
(as opposed to the async closure Openfire had up until now). I cannot quite explain
the need for this change, other than a suspision of race conditions in the async
setup.

OF-909: Include ack in BOSH response body element

Fixes alternate (synchronous) write to the HTTP response output stream.

Per spec, the ack attribute in the response <body/> allows a BOSH client
to verify that sent stanzas with the corresponding rid(s) have been
successfully received by the server.