Add development security scheme

Current situation

Currently, the DevDatabaseLoader and ProductionSecurityConfiguration classes are always configured. Because of this, API keys are always used, either during production or development phase.

Wanted situation

We would like to use the @Profile("production") and such tags to configure the abovementioned ProductionSecurityConfiguration class to only be active for the production environment. Additionally, we would like a class that sets up a development security config which requires virtually no authentication or authorization. For this, either move the @EnableGlobalMethodSecurity annotation to only be active for production (probably best option), or configure a default user that is always authenticated with all permissions.