Merged V3.2 to HEAD

17462: ETHREEOH-3346: New meaning to synchronization.synchronizeChangesOnly property
      - In the LDAP sync performance optimizations we always used the differential queries to determine the users and groups to be updated. Deletions were determined by a separate query.
      - This meant that if you ever did want to force the update of all users it wasn't possible.
      - So now when the flag is false it means don't use differential queries in the scheduled sync job.
      - The scheduled job now processes deletions regardless.
      - The default value for the property is now true.
   17431: ETHREEOH-3274: Refix NTLM support for share
      - Fixed NPE introduced by ETHREEOH-2767
      - Made web.xml validate against schema for JBoss
      - Reintroduced missing open comment in webscript-framework-config-custom.xml.sample
   17426: ETHREEOH-2997: Fix ticket parameter passing into NTLM/Kerberos WebDAV authentication filters
      - A NPE was stopping it from working
   17425: ETHREEOH-3282: Fixed NPE preventing upload from working with NTLM SSO enabled
   17368: ETHREEOH-3197: Use utf8_bin collation in MySQL out of the box to avoid problems with comparison of accented characters
   17361: ETHREEOH-3276: Don't attempt to start an LDAP sync when the repository is read only
   17347: ETHREEOH-3206: Fix LocalFeedTaskProcessor to work with JBoss 5


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@17464 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

source/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java

@@ -279,7 +279,7 @@ public abstract class BaseSSOAuthenticationFilter extends BaseAuthenticationFilt
     		    SessionUser user = getSessionUser(servletContext, req, resp, true);
 				
     		    // If this isn't the same ticket, invalidate the session
-				if (!ticket.equals(user.getTicket()))
+				if (user != null && !ticket.equals(user.getTicket()))
 				{
 				    invalidateSession(req);
 					user = null;