Description
Currently there are two APIs to get the sysProps from a Solr process.
- /admin/info/properties
- /admin/info/metrics
Unfortunately the logic for redacting sensitive information is different and configured separately for these two endpoints.
For /admin/info/properties redaction occurs if "solr.redaction.system.enabled" is set to true, which it is by default. Then a regex matcher for the sysProp key can be configured by "solr.redaction.system.pattern", and the default is ".*password.*" (case-insensitive).
For /admin/info/metrics, redaction always occurs. The default list of sensitive properties is:
- "javax.net.ssl.keyStorePassword"
- "javax.net.ssl.trustStorePassword"
- "basicauth"
- "zkDigestPassword"
- "zkDigestReadonlyPassword"
- "aws.secretKey" // AWS SDK v1
- "aws.secretAccessKey" // AWS SDK v2
- "http.proxyPassword"
Notice that a few of these do not include the word "password". So the "basicauth" and "aws.secretKey" and "aws.secretAccessKey" options will be passed to the AdminUI by default.
I suggest that we merge the logic between these two and have them be configurable the same way. I think having this list is important, but having a blanket "(password|secret)" filter is also safe.
Unfortunately the Metrics API redaction list is only configurable in the solr.xml under the <metrics> tag, which doesn't really apply to /info/properties. So we will probably want to move that out from metrics (back-compat for 9x of course) and add an envVar/sysProp that will make it easier for users to configure.
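The following is an added illustration, not code from the issue or from Solr, of why the two redaction mechanisms give different results and what the proposed merged rule (explicit key list plus a "(password|secret)" pattern) would cover. The sample property values and the "--REDACTED--" marker are constructed placeholders.

```python
import re

# Default sensitive-key list used by the Metrics API, as listed in the issue.
DEFAULT_SENSITIVE_KEYS = {
    "javax.net.ssl.keyStorePassword",
    "javax.net.ssl.trustStorePassword",
    "basicauth",
    "zkDigestPassword",
    "zkDigestReadonlyPassword",
    "aws.secretKey",        # AWS SDK v1
    "aws.secretAccessKey",  # AWS SDK v2
    "http.proxyPassword",
}

# Current /admin/info/properties default pattern, and the broader pattern the issue proposes.
PROPERTIES_PATTERN = r".*password.*"
MERGED_PATTERN = r"(password|secret)"

REDACTED = "--REDACTED--"  # placeholder marker (assumed, not taken from the issue)

# Constructed sample sysProps; the values are not real credentials.
SAMPLE_PROPS = {
    "javax.net.ssl.keyStorePassword": "changeit",
    "basicauth": "solr:SolrRocks",
    "aws.secretKey": "EXAMPLEKEY",
    "solr.log.dir": "/var/solr/logs",
    "my.app.apiSecret": "s3cr3t",
}


def redact_sysprops(props, pattern=MERGED_PATTERN, sensitive_keys=DEFAULT_SENSITIVE_KEYS):
    """Return a copy of props where a key is redacted if it is in the explicit
    list (case-insensitive) OR matches the regex (case-insensitive search)."""
    lowered = {k.lower() for k in sensitive_keys}
    rx = re.compile(pattern, re.IGNORECASE)
    return {
        k: (REDACTED if k.lower() in lowered or rx.search(k) else v)
        for k, v in props.items()
    }


def leaked_known_keys(props, pattern, sensitive_keys):
    """Keys from the default sensitive list whose values survive a given configuration."""
    out = redact_sysprops(props, pattern, sensitive_keys)
    return sorted(k for k, v in out.items()
                  if k in DEFAULT_SENSITIVE_KEYS and v != REDACTED)


if __name__ == "__main__":
    # Pattern-only redaction (what /admin/info/properties does today) misses two keys.
    print(leaked_known_keys(SAMPLE_PROPS, PROPERTIES_PATTERN, set()))
    # List plus "(password|secret)" pattern redacts all of them.
    print(leaked_known_keys(SAMPLE_PROPS, MERGED_PATTERN, DEFAULT_SENSITIVE_KEYS))
```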
Issue Links
- incorporates SOLR-16984 Add missing redacted sysProps (Closed)