Change how we check signatures on SAML messages
Seems that using PROFILE_SIGNATURE_HINT_FORCE is not a good idea after discussion with Lasso developers (see http://listes.entrouvert.com/arc/lasso/2016-11/msg00013.html), we should use PROFILE_SIGNATURE_HINT_MAYBE.