Show both Service account and "triggering" User for Composite Identity

Problem

When a composite identity is used it consists of two parts, the user that triggered the action and the service account. With our current system of displaying usernames we're only always displaying one user. In a lot of case this has been the "human" user by default and we now switched to showing the Service account instead. This switch is ongoing (e.g. see #577716).

However, in either case, we're hiding potentially important information from an observer that e.g. looks at an activity log or an issue, either the Service Account or the "trigger" user on whose behalf acions are taken is unclear.

Desired Outcome

We explore:

• a visual way that both the human as well as the service account part of a composite identity are shown. E.g. Duo Developer on behalf of Max Mustermann
• places is in the UI where this new way of showing usernames is used
• a first potential architecture