In PBKDF2 the salt should be unique for each passwort, so two users using the same password are getting two different hashes.
My Idea for the salt is a SHA1-hash of the username and the password, so it will be unique for each user.
Actually I must generate the PBKDF2 hash in a JavaScript environment. Is it save to show how the salt is generated, because JavaScript sources are plain text?
Using the username as a salt is mostly satisfying, but does not protect against several attack scenarios. As for example, the password can be compared in the databases of two websites that use the same algorithm. Furthermore, rainbow tables can be generated in advance, hence reducing the cracking time after compromise. For this exact reason, the salt should be generated using a cryptographic PRNG. The idea of having the source code of the random source visible to attackers isn't a problem in itself, if it is non-predictable. See this question for how to generate it using javascript.
What is wrong with simply using a random salt? Other than your method doesn't require the salt to be stored with hashed password, I can't think of any advantages.
A hash of the username and password concatenated together should be okay. Since the password is secret the hash of the username and password will be unpredictable. However, as others have mentioned, there could be a security issue if there are two websites using the same algorithm, and someone using those websites uses the same credentials for both (i.e. looking at their hashed passwords we can tell they use the same password for each website). Adding the domain of your site should get around this. For example (+ is concatenation):
salt = hash(domain + username + password)
All of that being said, I would strongly recommend using a cryptographic random number generator to generate your salt since it's the standard practice for salt generation.
