LCGDM-2950 compatible group names for VOMS and IAM

Petr Vokac requested to merge vokac/dmlite:iam-normalize-groups into develop

Add DOME configuration option glb.iam-normalize (disabled by default) to provide compatible group names between legacy VOMS and new IAM. By enabling glb.iam-normalize, it is possible to use X.509 proxies with old (legacy VOMS) and new (IAM) group names at the same time, and all existing ACLs should work fine.

When enabled, the Role= substring is stripped from the group name and the whole Capability=* is also removed. Database groupinfo entries are not modified; their normalized names are just stored in the hashmap used for group lookups. Group lookup names are also normalized before searching for their name in the group hashmap.

Normalization can lead to duplicate names, and in that case the first normalized(groupname) <-> gid mapping stored in the database is used for further lookups (data from the DB are processed in ascending rowid order).
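
The normalization and first-match rule described above, as an added example that is not code from this merge request or from dmlite. The names `normalize_group`, `build_lookup`, `lookup_gid` and the sample rows are hypothetical, and the exact extent of the removed Capability component (up to the next `/`, together with the `/` in front of it) is an assumption.

```cpp
#include <cstdint>
#include <iostream>
#include <string>
#include <unordered_map>
#include <utility>
#include <vector>

// Hypothetical helper (not dmlite's function): strip every "Role=" substring and
// drop each "Capability=..." component, assumed to run to the next '/' or the
// end of the string, together with the '/' in front of it.
std::string normalize_group(std::string name) {
    const std::string role = "Role=", cap = "Capability=";
    for (std::size_t p; (p = name.find(role)) != std::string::npos;)
        name.erase(p, role.size());
    for (std::size_t p; (p = name.find(cap)) != std::string::npos;) {
        std::size_t end = name.find('/', p);
        if (end == std::string::npos) end = name.size();
        std::size_t start = (p > 0 && name[p - 1] == '/') ? p - 1 : p;
        name.erase(start, end - start);
    }
    return name;
}

using GroupRow = std::pair<std::uint32_t, std::string>;  // (gid, groupname)

struct GroupLookup {
    std::unordered_map<std::string, std::uint32_t> by_name;  // normalized -> gid
    std::vector<std::string> shadowed;  // stored names that lost to an earlier row
};

// Rows must arrive in ascending rowid order; emplace() keeps the first mapping.
GroupLookup build_lookup(const std::vector<GroupRow>& rows) {
    GroupLookup l;
    for (const auto& r : rows)
        if (!l.by_name.emplace(normalize_group(r.second), r.first).second)
            l.shadowed.push_back(r.second);
    return l;
}

// Lookup names are normalized too; returns -1 when the group is unknown.
long lookup_gid(const GroupLookup& l, const std::string& name) {
    auto it = l.by_name.find(normalize_group(name));
    return it == l.by_name.end() ? -1 : static_cast<long>(it->second);
}

int main() {
    // Constructed sample rows, not taken from a real groupinfo table.
    std::vector<GroupRow> rows = {{101, "/atlas"},
        {102, "/atlas/Role=production/Capability=NULL"}, {103, "/atlas/production"}};
    GroupLookup l = build_lookup(rows);
    std::cout << lookup_gid(l, "/atlas/production") << "\n";
    for (const auto& s : l.shadowed) std::cout << "shadowed: " << s << "\n";
}
```

Every name collected in `shadowed` resolves to an earlier row's gid once normalization is on, so listing them before enabling the option shows which stored groups and their ACLs deserve a review.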