Introduce a clustered principalrolemapper based on the clusterregistry to ease authorization manipulation in certain contexts. Also clean up the declarative configurations to avoid using class names for the out-of-the-box prms