`www-authenticate` header problems are hard to debug

See https://github.com/sbt/sbt/issues/4434

Our devops made an accidental change and we were sure that the problem is a bug in sbt. In fact www-authentication header was missing and it was breaking things. And very hard to debug.

There may be two useful usability improvements:

  1. It may be a good idea to show a warning, saying www-authenticate header was missing in case dependency resolution fails for any repository which is not predefined in sbt
  2. It may be a good idea to reproduce recent coursier behaviour and not to issue HEAD requests when there is just one credentials set defined for a particular hostname