include session subject in NotAuthorized error message
Connections with certain types of bad certificates succeed, but get downgraded to 'public'. It would be helpful for the client to have the subject of the session received by D1Nodeservice.isAuthorized() in the error message returned, as a possible explanation for why the call didn't succeed.
Similarly, it might be helpful when trying to resolve escalated authorization issues if the session subject was logged as a warning when NotAuthorized is triggered. Might be triggered a lot, though, as isAuthorized is called by other api methods.