This exception was only used by the project access handlers. It was not
given any special treatment by RestApiServlet, so it was propagated as a
500, which was probably not the intent. Replace all usages with
AuthException.
Change-Id: I134cbd4155de306fe443865be5e0ea9c4e711b7a
35f6f13fd5