Handle user session data for both internal and external authentication

Handle user session data for both internal and external authentication

Ipsilon can authtenticate a user by itself via it's own login
handlers (classes derived from `LoginManager`) or it can
capitalize on the authentication provided by the container Ipsilon
is running in (currently WSGI inside Apache). We refer to the
later as "external authentication" because it occurs outside of
Ipsilon. However in both cases there is a common need to execute
the same code irregardless of where the authntication
occurred.

Establish a new mixin class LoginHelper and use it in both the
LoginManagerBase class and the SAML2 SSO SOAP endpoint handler. The
SOAP endpoint handler requires extenal authentication.

LoginHelper.initialize_login_session() performs the common duty of
establishing a login session and binding user attributes to that
session.

LoginHelper.get_external_auth_info() determines if external
authentication has been performed and returns the name of the
principal and the authentication method.

Since SSO_SOAP utilizes external login it needs access to the Info
providers in order to populate the user attributes in the returned
SAML Assertion. The Info provider should be initialized only once and
is done via the normal Ipsilon login provider initialization. SSO_SOAP
obtains a reference to the Info provider bound to the login provider
by accessing the provider._root.login.info member.

In order to access the provider it was advantageous to explictily name
the positional parameters passed to the __init__ calls instead of the
previous practice of passing parameters anonymously in a *args
tuple. In this manner the provider parameter is explicit instead
having used a hardcoded index into the args tuple (e.g. provider =
args[1]). The result is much cleaner, easier to read and more robust
software.

Thus the patch also modifies the __init__ argument list to explictly
pass the site and provider parameters as the first and second
positional parameters instead of having them be anonymously subsumed
in the *args parameter. These parameters must always be passed because
the ProviderPageBase __init__ requires them. Also modify the super
calls used to initialize the parent class to pass the site and
provider parameters. Calls to initialize ProviderPageBase only pass
the site and provider parameters, they do not pass any additional
anonymous parameters from the subclass.

Ticket: 191
Signed-off-by: John Dennis <jdennis@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>