Skip to content

Constructors for SQLServerColumnEncryptionAzureKeyVaultProvider

lilgreenbird edited this page Mar 31, 2020 · 5 revisions

JDBC Driver v6.2.1 and under

With JDBC drivers v6.2.1 and before that support Azure Key Vault in order to construct SQLServerColumnEncryptionAzureKeyVaultProvider object, client applications needed to construct a SQLServerKeyVaultAuthenticationCallback object by implementing SQLServerKeyVaultAuthenticationCallback interface and provide an ExecutorService object.

//Supported by v6.2.1 and before, and v7.0.0 (@deprecated)
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    SQLServerKeyVaultAuthenticationCallback authenticationCallback, 
    ExecutorService executorService) throws SQLServerException;

JDBC Driver v6.2.2 and above

Starting with JDBC Driver v6.2.2, the driver introduced new constructor and replaced the above constructor to construct SQLServerColumnEncryptionAzureKeyVaultProvider directly with clientID and clientKey, without implementing interface or providing ExecutorService, this was meant to reduce the complexity on the user's side but also caused a breaking change in client applications.

//Supported by v6.2.2 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    String clientId, String clientKey) throws SQLServerException;

JDBC Driver v7.0.0 and above

With JDBC Driver v7.0.0, the driver now supports both constructors as specified above along with a new constructor that only needs an implemented object of SQLServerKeyVaultAuthenticationCallback interface in order to call getAccessToken() function.

//Supported by v7.0.0 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    SQLServerKeyVaultAuthenticationCallback authenticationCallback) throws SQLServerException;

The first constructor that uses ExecutorService has only been added for backwards compatibility and has been marked @deprecated. It is scheduled to be removed in next Stable release. Customers using the first constructor can now switch to the new constructor without any change in implementation by removing the second parameter for ExecutorService.

JDBC Driver v8.3.0 and above

Starting with JDBC Driver v8.3.0, the driver introduced 2 new constructors to construct SQLServerColumnEncryptionAzureKeyVaultProvider with only clientID, or without any credentials information at all. This is to support registering providers to AKV using Managed Identity authentication.

//Supported by v8.3.0 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(String clientId) throws SQLServerException;

public SQLServerColumnEncryptionAzureKeyVaultProvider() throws SQLServerException;
Clone this wiki locally