Create a Capture Agent digest user with its own role

Currently the system digest user (opencast_system_account by default) is used both for authentication between nodes in the cluster, and between the CA and admin node.

We should separate this into two separate accounts by creating a digest user for capture agents which has a specific role and access to endpoints required by capture agents configured for that role.

Initial version of this for 3.x:

https://bitbucket.org/opencast-community/opencast/pull-requests/1542/mh-12091-create-a-capture-agent-digest/diff