* Merge created_by_user/project into one field named "owner" which can also contain domains (e.g. domain:user:project), so we don't care about authentication type anymore
* Each auth_type can map its own headers to the "owner" field for ACL
* Remove user_id,project_id from generic – each auth type module can map this as it wants
* Make (resource_id,owner) unique
Current thoughts:
* Merge created_ by_user/ project into one field named "owner" which can also contain domains (e.g. domain: user:project) , so we don't care about authentication type anymore
* Each auth_type can map its own headers to the "owner" field for ACL
* Remove user_id,project_id from generic – each auth type module can map this as it wants
* Make (resource_id,owner) unique