Actually, we could perform the realm mapping first, check if the credentials are found in the bind cache (because the bind cache operates on DNs, not privacyIDEA usernames) and only perform user mapping if they are not. This would improve performance a bit.
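A sketch of the ordering proposed above, added here as an illustration and not taken from the project's code. `BindCache`, `handle_bind`, the callback names, the `(DN, realm)` cache key, the salted PBKDF2 digest, the lower-cased DN and the sample DN and password are all assumptions.

```python
import hashlib, hmac, os, time

class BindCache:
    """Hypothetical bind cache keyed by (DN, realm); keeps a salted digest, not the password."""
    def __init__(self, timeout=5.0, clock=time.monotonic):
        self.timeout, self.clock = timeout, clock
        self._salt = os.urandom(16)
        self._entries = {}  # (dn, realm) -> (digest, inserted_at)

    def _digest(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 10_000)

    def add(self, dn, realm, password):
        self._entries[(dn.lower(), realm)] = (self._digest(password), self.clock())

    def contains(self, dn, realm, password):
        key = (dn.lower(), realm)  # simplistic DN normalisation (assumption)
        digest, inserted = self._entries.get(key, (None, 0.0))
        if digest is None or self.clock() - inserted > self.timeout:
            self._entries.pop(key, None)  # unknown or expired entry
            return False
        return hmac.compare_digest(digest, self._digest(password))

def handle_bind(dn, password, cache, map_realm, map_user, authenticate):
    realm = map_realm(dn)                    # needed for the cache lookup
    if cache.contains(dn, realm, password):  # the cache works on DNs ...
        return True                          # ... so a hit skips user mapping
    user = map_user(dn)                      # only reached on a cache miss
    if authenticate(user, realm, password):
        cache.add(dn, realm, password)
        return True
    return False

def demo():
    """Constructed run: counts how often the user mapping is actually needed."""
    calls = {"map_user": 0}
    def map_user(dn):
        calls["map_user"] += 1
        return dn.split(",")[0].split("=")[1]
    def authenticate(user, realm, password):
        return (user, realm, password) == ("alice", "realm1", "pin123456")
    now = [0.0]  # fake clock so cache expiry is deterministic
    cache = BindCache(timeout=5.0, clock=lambda: now[0])
    args = (cache, lambda dn: "realm1", map_user, authenticate)
    dn = "uid=alice,dc=example,dc=org"
    results = [handle_bind(dn, pw, *args) for pw in ("pin123456", "pin123456", "wrong")]
    now[0] = 10.0  # past the timeout: the cached bind no longer counts
    results.append(handle_bind(dn, "pin123456", *args))
    return results, calls["map_user"]
```

Of the four binds in `demo()`, only the second (a repeat within the timeout) is answered from the cache, so user mapping runs three times instead of four; a wrong password or an expired entry always falls through to full authentication.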