Cookie security reform: - fix handling of persistent logins while addressing problems of last commits - increase usage of try/throw to be able to distinguish exceptions - fix handling of LoginTimeout 0 in cryptographic expiration - use [ad_conn behind_secure_proxy_p] on more occasions, where security::secure_conn_p is used (maybe fold these together in the future) - new private proc security::log to ease debugging of cookie management - further improved documentation