Currently to file-based authentication mechanism has a default to read from security_file.passwords, while the file-based authorization mechanism reads from security_file.allow.
Think it would be better for these to have defaults that are in line with the component-specific config files (authentication_file.properties and authorization_file.properties respectively).
Therefore change defaults so that:
- security_file.passwords is instead authentication_file.passwords
- security_file.allow is instead authorization_file.allow