changes to taxonomies_controller

fixes #2033 - Cannot assign a host to an org

Now its possible to change Locations / Organizations only via mass assign

fixes #2001 - Changing Loc or Org after compute resource selection give 500 error

refs #2146 - ensures redirect does not break on api requests too

fixes #2146 - prevent double render

fixes #2151 - use DN environment variable instead of CN

nginx is unable to pass bits of the X.509 subject, only the entire DN, so
support that as a lowest common denominator.

refs #2069 - enable auth by default

Without authentication, sensitive information and power is available to all,
so improve security out of the box.

fixes #2121, #2069 - restrict importers and ENC to puppetmasters and users

CVE-2013-0171: report and fact importers parse YAML directly from the remote
host without authentication. Untrusted YAML can instantiate objects and be
used to exploit Foreman.

CVE-2013-0174: external nodes (ENC) output is available to any source and...

added API v2 placeholders.

fixes #2109 - improve session token security

- adds security:generate token rake task to create static token
- generate and cache a token on startup if static token isn't present

Thanks to Sandor Szücs <sandor.szuecs@fu-berlin.de>