Currently, AuthenticatedMatcher#withRoles checks all authorities in MvcResult.

It's semantics would be clearer if withRoles checked the ROLE_ authorities.

This will allow applications to test their RBAC rules without having to take into consideration unrelated authorities.