ESGF / esgf-installer

ESGF P2P Node Installer
https://esgf.llnl.gov/

myproxy_logon generates certificates without populating the CN #589

Closed nathanlcarlson closed 5 years ago

nathanlcarlson commented 5 years ago

The CN should be the complete OpenID, https://{openid-sever}/esgf-idp/openid/{username}. This is found by querying the database with a Java application, which is called from a script at /esg/config/myproxy/myproxy-certificate-mapapp. Manually running this script from /usr/local/globus/bin reports the following error:

An error occurred: java.lang.Exception: Openid Query Failed: org.postgresql.util.PSQLException: ERROR: permission denied for schema esgf_security
  Position: 29

It was discovered that the database user being used is the low-privilege user, whereas in 2.x, the database user being used is the database super user. It is supposed to be referencing the db.user property in the /esg/config/esgf.properties file and uses the following command.

postgress_user=$(sed -n 's@^[^#]*[ ]*db.user[ ]*=[ ]*\(.*\)$@\1@p' ${ESGF_HOME}/config/esgf.properties | head -n1)

Where ESGF_HOME is /esg. This resolves to the low-privilege user because /esg/config/esgf.properties contains

...
publisher.db.user = {low privilege user}
...
db.user = {the super db user}
...

Note this is related to #482, which proposes to change the /esg/config/myproxy/myproxy-certificate-mapapp to a standalone Python script which makes the query itself.
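
The key lookup described in the issue can be reproduced offline. The following is an added example, not part of the issue or of the esgf-installer code: it runs the quoted sed expression and an assumed anchored variant against a constructed properties file. The user names, function names and the anchored pattern are hypothetical.

```shell
#!/bin/sh
# Constructed stand-in for /esg/config/esgf.properties; user names are made up.
make_sample() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# constructed sample, not a real esgf.properties
publisher.db.user = lowpriv_user
#db.user = commented_out
db.user = super_user
EOF
    printf '%s\n' "$f"
}

# The lookup as quoted in the issue. The leading [^#]* consumes any
# non-comment prefix, so "publisher." is swallowed and the
# publisher.db.user line matches first; head -n1 then keeps that value.
# The unescaped "." in db.user also matches any character.
lookup_unanchored() {
    sed -n 's@^[^#]*[ ]*db.user[ ]*=[ ]*\(.*\)$@\1@p' "$1" | head -n1
}

# Assumed alternative (not the project's fix): require the key to start
# the line after optional spaces and escape the dot, so only the exact
# db.user property matches and commented-out lines are still skipped.
lookup_anchored() {
    sed -n 's@^[ ]*db\.user[ ]*=[ ]*\(.*\)$@\1@p' "$1" | head -n1
}

sample=$(make_sample)
echo "unanchored: $(lookup_unanchored "$sample")"
echo "anchored:   $(lookup_anchored "$sample")"
rm -f "$sample"
```

Because the unanchored lookup returns a valid account name rather than failing, the mismatch only surfaces later as the PostgreSQL permission error on the esgf_security schema.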