Warning headers are removed on any failure

[pgomulka]

Whenever a request fails, the previously emitted response header warnings are removed from a response.
This was intentionally done so that when authentication fails, there would be no warnings presented to a user.
However when a failure is not related to authentication, headers are removed as well.
I suspect this behaviour fails only when security is enabled

introduced by #64948

reproduction steps:

1. create an index
2. send a request that emits a warning and also fails. For instance a rest api compatible typed search endpoint - emits deprecation warning- and typed query - fails parsing.

--url http://localhost:9200/test1/sometype/_search
--header ‘Accept: application/vnd.elasticsearch+json;compatible-with=7’
--header ‘Authorization: Basic ZWxhc3RpYzpwYXNzd29yZA==’
--header ‘Content-Type: application/vnd.elasticsearch+json;compatible-with=7’
--header ‘X-Opaque-ID: he’
--data ‘{
“query”: {
“type”:{
“value”: “_doc”
}
}
}’

`Warning` headers are missing

[elasticmachine]

Pinging @elastic/es-security (Team:Security)

[BigPandaToo]

While adding a warning header when a license is about to expire we also removed all the warning headers from response if it fails when handling the request in SecurityRestFilter. But SecurityRestFilter handles all exceptions happening during the request including not security related.
We can limit warning headers filtering to only filter 401 (or 401 and 403) in filterHeaders like:
if (headers.containsKey("Warning") && (restStatus == RestStatus.UNAUTHORIZED || restStatus == RestStatus.FORBIDDEN)) {...

[tvernum]

@BigPandaToo Where did we get to with the fix for this?

[BigPandaToo]

@BigPandaToo Where did we get to with the fix for this?

Adding test