h1. No shared state IdP with external user directory

* We start with the SAML 2.0 IdP
* We first added a deterministic NameID generation mode, by adding a new NameID format setting, called eduPersonTargetedId. In this mode the NameID is computed as @hex(sha1(username+entity_id+django_secret_key))@.
* Next step is to define a a deterministic way of generating Session Indexes as @hex(sha1(NameID+django_session_key))@. Lasso is automatically generating a session index when the service provider has a logout endpoint, a session should be generated using the deterministic algorimth (after the call to @lasso_login_build_assertion@) only if Lasso has also set one.
* Final step will be to store the list of SP for which a session is open in the django session and not in models, method to modify are @saml.common.load_session@ and @saml.common.save_session@. Session index should only be saved if there is one.