Release Notes / Version 12.2406.0
Freemarker: make class resolver configurable
For security reasons, Freemarker's new_builtin_class_resolver now defaults to allows_nothing instead of unrestricted. It can be configured by setting the property freemarker.new_builtin_class_resolver to unrestricted, safer or allows_nothing. See https://freemarker.apache.org/docs/api/freemarker/template/Configuration.html and https://freemarker.apache.org/docs/app_faq.html for more information.
Note that this fix was applied for security reasons and is only breaking for projects using Freemarker templates with Java code execution.
(CMS-27252)
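To judge whether a project is affected by the new default, its templates can be scanned for uses of the ?new built-in, which is what this resolver governs. The following is an added example, not code from the product or from FreeMarker; the sample template, com.example.PriceFormatter and helperClass are constructed for illustration, and the line-based matching is a heuristic that can also flag "?new" in plain text such as URLs.

```python
import re

# Classes that FreeMarker's "safer" resolver refuses to resolve for ?new
# (as documented for TemplateClassResolver.SAFER_RESOLVER).
SAFER_BLOCKED = {
    "freemarker.template.utility.ObjectConstructor",
    "freemarker.template.utility.Execute",
    "freemarker.template.utility.JythonRuntime",
}

# ?new applied to a quoted class name, and ?new applied to anything at all.
LITERAL_NEW = re.compile(r"""(["'])([\w.$]+)\1\s*\?\s*new\b""")
ANY_NEW = re.compile(r"\?\s*new\b")


def audit_template(text):
    """Return (line, class_name, works_under_safer) for every ?new use.

    Every finding fails under allows_nothing. class_name is None when the
    class is not a plain string literal; works_under_safer is then None
    because the class is only known at run time.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # Map the end offset of each literal match to its class name.
        literal_ends = {m.end(): m.group(2) for m in LITERAL_NEW.finditer(line)}
        for m in ANY_NEW.finditer(line):
            cls = literal_ends.get(m.end())
            ok = None if cls is None else cls not in SAFER_BLOCKED
            findings.append((lineno, cls, ok))
    return findings


# Constructed sample template; class and variable names are hypothetical.
SAMPLE = '''\
<#-- constructed sample template -->
<#assign fmt = "com.example.PriceFormatter"?new()>
<#assign ctor = "freemarker.template.utility.ObjectConstructor"?new()>
<#assign dyn = helperClass?new()>
<p>${fmt(product.price)}</p>
'''

if __name__ == "__main__":
    for lineno, cls, ok in audit_template(SAMPLE):
        safer = {True: "works", False: "blocked", None: "unknown"}[ok]
        print(f"line {lineno}: {cls or '<dynamic>'}: allows_nothing=blocked, safer={safer}")
```

Templates with no findings are unaffected by the change; templates with findings need either a rewrite or a deliberate choice of safer or unrestricted.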


