Add log protection/redaction categories #129

Open
jamezp opened this issue Nov 20, 2024 · 0 comments
Labels
enhancement New feature or request

jamezp commented Nov 20, 2024

Migrated from: https://issues.redhat.com/browse/LOGTOOL-133

It is a requirement of some segments of the user population that certain pieces of information should be masked from the log.

We could solve the largest part of this problem as follows:

  • Introduce a new annotation @Protected(category) where category is a string, which applies to the parameters of the log methods. This could include categories such as:
    • credential
    • network-address
    • hostname
    • url
  • Introduce support for a system property jboss.logging.protected which could contain a comma-delimited list of categories, or the special category all
  • Generated logging interface implementations will initialize static boolean fields for each category referenced by a logging interface parameter
  • Generated logging code will check the field and if set, replace the given parameters with a generic redaction string (see Example 1)
  • Add default protection categories for certain Java types:
    • InetAddress & SocketAddress and subtypes → network-address
    • URL & URI → url
    • java.security.Key → credential
    • etc.

Possible improvement/variation:

  • Give @Protected class retention, allow it to apply to classes as well so that for example Elytron Credential and Password could be annotated to get protection automatically in all use sites

Example 1

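    // Generated code for a message whose parameter is in the "credential" category
    final IllegalArgumentException result =
        new IllegalArgumentException(
            String.format(
                getLoggingLocale(),
                messageFormat, // placeholder: the format string of this message
                // PROT_CREDENTIAL is the static boolean field for the category
                PROT_CREDENTIAL ? "????????" : credential
            )
        );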

Notes:

  • Using a boolean constant allows the JIT to delete the unused code path
  • The redaction string should be constant and constant-length so that the length cannot be used to infer information about it
@jamezp jamezp added the enhancement New feature or request label Nov 20, 2024
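
A sketch of how the pieces proposed above could fit together, added here as an example; it is not code from the project or from the issue author. The class and method names are hypothetical, only the `jboss.logging.protected` property, the category names and the redaction string come from the issue, and the sample values in `main` are constructed.

```java
import java.net.InetAddress;
import java.net.SocketAddress;
import java.net.URI;
import java.net.URL;
import java.security.Key;
import java.util.Arrays;
import java.util.Set;
import java.util.stream.Collectors;

// Hypothetical sketch of the proposal; none of these names exist in the project.
public final class ProtectedLoggingSketch {
    static final String REDACTED = "????????"; // constant and fixed length

    // Parse the comma-delimited category list from the system property.
    static Set<String> parse(String property) {
        if (property == null || property.isBlank()) return Set.of();
        return Arrays.stream(property.split(","))
                .map(String::trim).filter(s -> !s.isEmpty())
                .collect(Collectors.toUnmodifiableSet());
    }

    // The special category "all" enables protection for every category.
    static boolean isProtected(Set<String> enabled, String category) {
        return enabled.contains("all") || enabled.contains(category);
    }

    // Default category by Java type for unannotated parameters; null if none.
    static String defaultCategory(Object value) {
        if (value instanceof InetAddress || value instanceof SocketAddress) return "network-address";
        if (value instanceof URL || value instanceof URI) return "url";
        if (value instanceof Key) return "credential";
        return null;
    }

    // Read once at class initialization, like the generated static boolean fields.
    private static final Set<String> ENABLED = parse(System.getProperty("jboss.logging.protected"));
    static final boolean PROT_CREDENTIAL = isProtected(ENABLED, "credential");
    static final boolean PROT_NETWORK_ADDRESS = isProtected(ENABLED, "network-address");

    // Shape of a generated message method for (credential, network-address) parameters.
    static String loginFailed(String credential, InetAddress peer) {
        return String.format("Login with %s failed from %s",
                PROT_CREDENTIAL ? REDACTED : credential,
                PROT_NETWORK_ADDRESS ? REDACTED : peer);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; run with -Djboss.logging.protected=credential
        System.out.println(loginFailed("hunter2", InetAddress.getByName("192.0.2.10")));
        System.out.println(defaultCategory(URI.create("https://example.test/")));
    }
}
```

Because the flags are `static final` and computed at class initialization, changing the property after the class has loaded has no effect, which is the trade-off that lets the JIT drop the unused branch.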