This is to accomodate situations where the authorization service is being used by the hypergrid, where visitors have no user account.
See http://opensimulator.org/mantis/view.php?id=5517, this code is somewhat adapted/cleaned up from Michelle's patch
I'm a little ambivalent about this since visitors could put anything in firstname/lastname so it's not much of an auth measure.
It's up to the auth service to decide which data it actually uses.
Possibly we should be passing through other info such as agent circuit ip
504de8bc47