Openfire considers that if a session has authenticated as A, and has
authenticated to B, then the session is already authorized to send stanzas
from A to B. This is not always the case.

This patch stores domain pairs (encapsulated as a DomainPair object) for a
session, and always authenticates if it has previously not requested
authorization for this domain pair.

This should be sufficient to fix OF-1309, but testing is tricky.