Obfuscate password in output logs

[blueshift-brasil]

Should not show passwords in any output message. Maybe create an annotation to make it ease to reuse.

For example, when we call the Fluo config command:

[root@edc0f9c776a5 conf]# fluo config -a test
fluo.accumulo.instance = test
fluo.accumulo.password = pass123
fluo.accumulo.user = root
fluo.dfs.root = hdfs://hadoop01:9000/fluo
fluo.accumulo.zookeepers = 10.10.5.10
fluo.accumulo.table = ${fluo.connection.application.name}

[blueshift-brasil]

In Apache Camel project they use an util class called URISupport to obfuscate sensitive data from URL's.

public static String sanitizeUri(String uri) {
    // use xxxxx as replacement as that works well with JMX also
    String sanitized = uri;
    if (uri != null) {
        sanitized = SECRETS.matcher(sanitized).replaceAll("$1=xxxxxx");
        sanitized = USERINFO_PASSWORD.matcher(sanitized).replaceFirst("$1xxxxxx$3");
    }
    return sanitized;
}

public void testSanitizeUriWithUserInfo() {
    String uri = "jt400://GEORGE:HARRISON@LIVERPOOL/QSYS.LIB/BEATLES.LIB/PENNYLANE.DTAQ";
    String expected = "jt400://GEORGE:xxxxxx@LIVERPOOL/QSYS.LIB/BEATLES.LIB/PENNYLANE.DTAQ";
    assertEquals(expected, URISupport.sanitizeUri(uri));
}