OF-1545: Users of AuthToken.getUsername() should be able to handle null values
The Javadoc of getUsername() clearly states that null values are to be expected (when anonymous
authentication took place). In a previous commit, an instance were the username was filled with
the anonymous resource-part was corrected (now, null is used instead). This commit fixes a few
instances where users of getUsername() assumed its return value to be non-null.
OF-1545: Optimize 'isAnonymous' check in AuthToken
The 'isAnonymous' method need not do a user lookup to determine if the associated session
is using anonymous authentication. This information is available when the token is created.
By removing this lookup, load is reduced.
Additionally, the token implementation itself need not contain data that is guaranteed to
be identical for each token (the XMPP domain name).
Lastly, the AuthToken javadoc defines that the containing username will be null for anonymous
users. This means that there's no need to track that status in an additional field.
This above leads to a simplification of the AuthToken implementation (less complexity is good
for maintenance). This commit also removes one instance where the username is set to the
resource-part value of an anonymous session (as this is explicilty forbidden by the Javadoc
contract of getUsername()).
A follow commit will check usages of getUsername(), to verify that returned null values are
properly processed.
