HTTP Caching Header filters should consider authorization

[kwin]

For CUG content you often want to prevent setting default Cache-Control headers, as those responses shouldn't be cached by CDNs.

The dispatcher has the feature allowAuthorized. A similar flag should be supported for HTTP Caching Headers.

[kwin]

At the same time it should probably be configurable if the server header should always be evaluated (https://github.com/Adobe-Consulting-Services/acs-aem-commons/blob/f4e42f9a625dd9dab4d920b792a0efefdf0279b2/bundle/src/main/java/com/adobe/acs/commons/http/headers/impl/AbstractDispatcherCacheHeaderFilter.java#L148C20-L148C32).