Missing finalizer protection for XBackend referenced by HTTPRoute

Currently, the XBackend finalizer only checks for targeting XAccessPolicies. It does not check if the backend is still in use by any HTTPRoute. This allows an XBackend to be deleted out-of-order, causing the associated HTTPRoute to point to a non-existent resource.