frontend/webdav: disable fallback-to-anonymous by default

Motivation:

The webdav and frontend doors have a feature where a request where a
user failed to authenticate (e.g., wrong password, expired certificate,
...) is treated as an anonymous request (i.e., as if no authentication
was provided).

This has proved quite confusing for users, as they have no immediate
feedback after entering the wrong password.  Instead, they see requests
succeeding if the anonymous user is authorised; for example, when making
a directory listing.  The problem only becomes apparent when they
attempt an operation that an anonymous user is not allowed to do; for
example, uploading a file.  It is then not clear that this failure comes
from their failed (but apparently successful) authentication.

Modification:

Set the default to false: disabling this feature.

Result:

By default, dCache will now fail requests where the user has failed to
authenticate. Anonymous requests may be supported by dCache (depending
on configuration) but these are only available if the client makes these
requests withou supplying credentials.

Target: master
Requires-notes: no
Requires-book: no
Patch: https://rb.dcache.org/r/12120/
Acked-by: Albert Rossi
Acked-by: Olufemi Adeyemi
Acked-by: Lea Morschel

skel/share/defaults/dcache.properties

@@ -971,7 +971,7 @@ dcache.authn.ciphers = DISABLE_RFC_7540_BANNED_CIPHERS, ENABLE_WEAK_CIPHERS_FOR_
 #   With this option disabled, any operation where the user fails to
 #   log in will always fail with a 401 HTTP status code.
 #
-(one-of?true|false)dcache.enable.authn.anonymous-fallback-on-failed-login = true
+(one-of?true|false)dcache.enable.authn.anonymous-fallback-on-failed-login = false
 
 #  ---- Whether to overwrite existing files on upload
 #