Add support for enforcing YubiKey login depending on client

[Nicklas Nordborg]

#609 added support for not using YubiKey login when certain client applications was used.

In some cases it might be desirable to enforce that YubiKey login is used (see #891). Typically, the normal behavior is to also accept users that has not been assigned a YubiKey (if they provide their regular username and a correct password).

When a client-application has been configured for enforcing YubiKey login it will not be possible for users without a YubiKey to login with that client.

The suggested fix is to specify a list of client application ids in the yubikey.properties file. Eg:

enforce-yubikey = net.sf.basedb.reggie.delivery

[Nicklas Nordborg]

(In [3993]) Fixes #892: Add support for enforcing YubiKey login depending on client

A list with client id values can now be specified in the require-yubikey configuration setting to require that YubiKey login is used.

A releated but slightly different change is that if someone is trying to login with valid YubiKey that is not connected to a user account the login is blocked. This case used to be ignored and passed back to the BASE core for internal authentication.

[Nicklas Nordborg]

(In [3995]) References #892: Add support for enforcing YubiKey login depending on client

Removed the text "users without a YubiKey should login with their username" from the login form if the used client has been configured to require YubiKey login.