Catch unsigned logout requests and raise a 400 for now
A 400 is still going to blow up the logout sequence but
it is better than a 500 and at least tells the user what
is wrong.
This is most likely to be run into during initial SP
testing and not in production.
https://fedorahosted.org/ipsilon/ticket/166
Signed-off-by: Rob Crittenden <rcritten@redhat.com>