Logging should not leak sensitive information

[oberstet]

We should remove any sensitive information from log messages, which includes eg secrets for static configuration of authentication methods that use secrets.

Consider this log message, printing information when a node starts that configures roles and WAMP-CRA authentication (static) (all sensitive info in this snippet has been manually redacted):

2018-03-19T16:07:45+0100 [Router      11928] RouterWorkerSession.start_web_transport_service(transport_id=transport-001, path=ws, config={'type': 'websocket', 'cookie': {'store': {'type': 'file', 'filename': 'cookies.dat
'}}, 'auth': {'wampcra': {'type': 'static', 'users': {'redacted1': {'role': 'frontend', 'secret': 'redacted'}, 'redacted2': {'role': 'frontend', 'secret': 'redacted'}, 'redacted3': {'role': 'backend', 'secret': 'redacted'}, 'redacted4': {'role': 'frontendadmin', 'secret': 'redacted'}}}, 'cookie': {}}})

The WAMP-CRA secrets are printed in the log. This is bad.

[oberstet]

Note that the sensitive information is of course also in the node configuration file (with Crossbar.io OSS), and access on the host needs to be controlled at the filesystem level.

The same could be said for log files .. but these are often further processed, collected at a central place, etc -- and hence we should apply more strict rules to log messages IMO.