Support unauthenticated clients via Unauthenticated auth source
This change set introduces a new Unauthenticated global variable that is
an instance of the new unauthenticatedAuthSource that can be used to
signal that the client should not use any authentication. I've preferred
that over using nil for the auth source, because I simply don't like
passing nil for something I intentionally want and a personal dislike
towards nil :)
I think it also makes the API more expressive.