Remove JAAS

New methods: Framework.loginSystem() Framework.loginSystem(originatingUser) Framework.loginUser(username) NuxeoPrincipal.getCurrent() NuxeoPrincipal.isCurrentAdministrator() The above loginSystem  and loginUser  methods now return a NuxeoLoginContext  that is AutoCloseable  and can therefore be used in a try-with-resources. Deprecated methods: Framework.login() -> Framework.loginSystem() Framework.loginAs(originatingUser) -> Framework.loginSystem(originatingUser) Framework.loginAsUser(username) -> Framework.loginUser(username) Framework.login(username, password) -> Framework.loginUser(username) ClientLoginModule.clearThreadLocalLogin() -> LoginComponent.clearPrincipalStack() (INTERNAL) ClientLoginModule.getThreadLocalLogin() -> LoginComponent (INTERNAL) ClientLoginModule.getCurrentLogin() -> LoginComponent.getCurrentPrincipal() ClientLoginModule.getCurrentPrincipal() -> NuxeoPrincipal.getCurrent() ClientLoginModule.isCurrentAdministrator() -> NuxeoPrincipal.isCurrentAdministrator() LoginStack These extension points or part of their contributions are removed: <loginModulePlugin> in the element <authenticationPlugin> of extension point authenticators of org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService the extension point domains of org.nuxeo.runtime.LoginComponent (which included registration of LoginModule classes) the extension point plugin of org.nuxeo.ecm.platform.login.LoginPluginRegistry (which included registration of LoginPlugin classes) Behavior change: NuxeoAuthenticationPlugin.handleRetrieveIdentity should now contain all the authentication code, and return a UserIdentificationInfo with credentialsChecked = true (using the 1-arg constructor) if the credentials have already been checked by the auth plugin itself. Otherwise the method may return a UserIdentificationInfo that includes a username and password, to let the generic filter check the password against the UserManager .