Move stateless/stateful at each auth scheme level

[radutopala]

We should be able to set stateless / stateful on each auth scheme independently, because an app may have 2 or more auth schemes, for example jwt/generic with stateless and form with stateful.

Current solution from @jeevatkm: achieve the stateless via interceptor (https://docs.aahframework.org/interceptors.html) - define action or controller level Finally interceptor and then call ctx.Session().Clear() or ctx.Subject().Logout().