rh-messaging / artemis-prometheus-metrics-plugin

Apache License 2.0

Prevent erroneous audit logs #18

Closed Botje closed 1 year ago

Botje commented 1 year ago

ActiveMQ Artemis supports audit logs, which log all administrative actions that happen on the broker. These logs identify the "current user" for an administrative access by one of two methods:

  1. The Subject associated with the current security manager context, or
  2. A ThreadLocal<Subject>, which is set by JolokiaFilter as part of interaction with the admin console.

For a non-Artemis servlet such as the metrics plugin, this ThreadLocal is set to whatever Subject made the previous request on this thread. This leads to situations where metric accesses are logged as being done by ghost users.

This PR explicitly supplies an empty Subject for the scraping action.

To reproduce the issue:

  1. Set up Artemis with the default admin/admin user and the metrics plugin.
  2. Enable audit logging (logger.audit_base should be at INFO level).
  3. `tail -f` the audit log and start the server.
  4. Log in to the admin console.
  5. Observe that a lot of audit logs fly by for admin(amq)@127.0.0.1.
  6. Access the metrics with e.g. `curl http://localhost:8161/metrics/`.
  7. Observe that a lot of audit logs fly by for admin(amq)@127.0.0.1, even though these requests are completely anonymous.

After applying this patch, notice that the audit logs are for anonymous@127.0.0.1.
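The leak described above, reduced to a self-contained Java program. This is an added illustration, not code from this PR or from Artemis: the broker's per-thread caller and the JolokiaFilter are modelled by a plain `ThreadLocal<Subject>` and a `consoleRequest` method (both hypothetical names), and the metrics scrape is shown once without and once with an explicitly supplied empty `Subject`. A single-thread executor stands in for the servlet container's thread reuse.

```java
import javax.security.auth.Subject;
import java.security.Principal;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

/**
 * Shows how a ThreadLocal<Subject> bound for one request leaks into the next
 * request served by the same pooled thread, and how binding an empty Subject
 * for the scrape keeps the audit label at "anonymous".
 * Hypothetical stand-in for the broker internals; not Artemis code.
 */
public class AuditCallerDemo {

    // Assumption: models the broker's per-thread "current caller" that the
    // console filter populates and does not clear afterwards.
    static final ThreadLocal<Subject> CURRENT_CALLER = new ThreadLocal<>();

    static Subject subjectFor(String name) {
        Subject s = new Subject();
        s.getPrincipals().add((Principal) () -> name);
        return s;
    }

    /** The label an audit line would carry for the caller bound to this thread. */
    static String callerLabel() {
        Subject s = CURRENT_CALLER.get();
        if (s == null || s.getPrincipals().isEmpty()) {
            return "anonymous";
        }
        return s.getPrincipals().iterator().next().getName();
    }

    /** Console request: the filter binds the authenticated Subject but never unbinds it. */
    static String consoleRequest(String user) {
        CURRENT_CALLER.set(subjectFor(user));
        return "console request audited as " + callerLabel();
    }

    /** Metrics scrape as in the unpatched plugin: it never touches the ThreadLocal. */
    static String metricsScrapeLeaky() {
        return "metrics scrape (leaky) audited as " + callerLabel();
    }

    /** Metrics scrape with the fix: bind an empty Subject for the duration of the scrape. */
    static String metricsScrapeFixed() {
        Subject previous = CURRENT_CALLER.get();
        CURRENT_CALLER.set(new Subject()); // empty Subject, i.e. no principals
        try {
            return "metrics scrape (fixed) audited as " + callerLabel();
        } finally {
            CURRENT_CALLER.set(previous); // leave the thread as we found it
        }
    }

    public static void main(String[] args) throws Exception {
        // One worker thread guarantees that every task runs on the same pooled
        // thread, which is the condition under which the ThreadLocal leaks.
        ExecutorService pool = Executors.newSingleThreadExecutor();
        List<Callable<String>> requests = List.of(
                () -> consoleRequest("admin"),        // binds "admin" and leaves it bound
                AuditCallerDemo::metricsScrapeLeaky,  // same thread, ThreadLocal untouched
                AuditCallerDemo::metricsScrapeFixed   // same thread, empty Subject bound first
        );
        try {
            for (Callable<String> r : requests) {
                System.out.println(pool.submit(r).get());
            }
        } finally {
            pool.shutdown();
        }
    }
}
```

Run with `javac AuditCallerDemo.java && java AuditCallerDemo`; the second line shows the scrape attributed to the console user, the third shows it as anonymous. The same pattern can be applied on the broker side by having the filter that binds the Subject also clear it in a `finally` block, so that pooled threads never carry a caller into an unrelated request.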

jbertram commented 1 year ago

I think this issue can and should be fixed in the broker itself. We don't want to impose this requirement on plugin implementations. There are likely other tools like Prometheus which require an HTTP endpoint to scrape which will hit the same issue. If we can solve it in the broker then every plugin doesn't have to solve the problem itself.

Botje commented 1 year ago

Thank you for the swift reply. ~Is there a ticket in Jira I can follow or should I create a new one?~ Logged as ARTEMIS-4420.