topic/rpc Access Control

We've discovered a small security issue with authentication and authorization.

This issue covers ensuring users may only subscribe to Scopes for which they are allowed to view and to authenticate themselves over the websocket connection.

Subissues

• Tighter Crossbar topic/rpc ACLs simpl-modelservice#30
• Support simpl-modelservice authentication fixes simpl-react#29
• Update profiling to authenticate using user password simpl-modelservice#39