LDEV-3335, LDEV-3340: Remove a filter which sets inactive timeout in sessions. With new SSO it is just needed in Central and it is already taken care of by SessionListener.
LDEV-3335, LDEV-3334: Use SSO mechanism introduced in WildFly 9. Do not create web.xml files with XDoclet as it can not produce them based on 3.1 schema. Use static ones instead. Make SessionManager just a proxy to webserver's HTTP session. Remov custom shared sessions and JSESSIONIDSSO cookie as they are obsolete. Remove own session monitoring as the container should take care of invalidation. Move injecting UserDTO into session to SsoHandler intead of UniversalLoginModule as an authentication request may not reach the latter due to WildFly credentials caching.
LDEV-3312 Improve security of Scratchie tool. 1) isAnswerCorrect.do to spawn a thread on the backend to record result 2) check user has access to current answer
LDEV-3332: revert spring-beans schema declaration in application context xml files. export spring meta-inf in jboss-deployment-structure.xmlIt is way more elegant approach to fix an issue with spring-beans.xsd loading from internet.
