Throwing exceptions during LdapRolesProvider initialization can put
applications into a bad state where they do not recover on their own.
If LDAP connectivity is unavailable, we can at least let the
application keep running and report a more meaningful failure, as
opposed to failing to startup completely, unable to report to us
anything automatically (and thus requiring looking at logs and such).
This can also allow applications to recover on their own without
requiring manual intervention.

This reverts commit fee195e.

When true, existing behavior remains. Existing behavior does not allow
an instance to be constructed if LDAP connectivity cannot be
established.

When false, an instance will be created even if the connection fails.
getUserRoles will fail until the connection is established. Connection
will be retried on the next role lookup after the configured retry
interval.

Ideally connections would be retried in the background without a lookup
being called, but this requires a thread pool, and a thread pool
requires managing the life cycle of the roles provider, which might be
difficult in the JBoss login module mode. For now this is a simpler
alternative that should more or less work the same under traffic.