Skip to content

Constructors for SQLServerColumnEncryptionAzureKeyVaultProvider

Jump to bottom
lilgreenbird edited this page Jan 20, 2021 · 5 revisions

JDBC Driver v6.2.1 and under

With JDBC drivers v6.2.1 and before that support Azure Key Vault in order to construct SQLServerColumnEncryptionAzureKeyVaultProvider object, client applications needed to construct a SQLServerKeyVaultAuthenticationCallback object by implementing SQLServerKeyVaultAuthenticationCallback interface and provide an ExecutorService object.

//Supported by v6.2.1 and before, and v7.0.0 (@deprecated)
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    SQLServerKeyVaultAuthenticationCallback authenticationCallback, 
    ExecutorService executorService) throws SQLServerException;

JDBC Driver v6.2.2 and above

Starting with JDBC Driver v6.2.2, the driver introduced new constructor and replaced the above constructor to construct SQLServerColumnEncryptionAzureKeyVaultProvider directly with clientID and clientKey, without implementing interface or providing ExecutorService, this was meant to reduce the complexity on the user's side but also caused a breaking change in client applications.

//Supported by v6.2.2 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    String clientId, String clientKey) throws SQLServerException;

JDBC Driver v7.0.0 and above

With JDBC Driver v7.0.0, the driver now supports both constructors as specified above along with a new constructor that only needs an implemented object of SQLServerKeyVaultAuthenticationCallback interface in order to call getAccessToken() function.

//Supported by v7.0.0 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    SQLServerKeyVaultAuthenticationCallback authenticationCallback) throws SQLServerException;

JDBC Driver v8.3.0 and above

With JDBC Driver v8.3.0, the driver introduced a new constructor that contains only the clientID. This can be used to authenticate to the Azure Key Vault using Managed Identity.

//Supported by v8.3.0 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    String clientId) throws SQLServerException;

JDBC Driver v9.2.0 and above

With JDBC Driver v9.2.0, the driver now supports constructors as specified above along with a new constructor using the provided TokenCredential to authenticate to Azure Active Directory.

//Supported by v9.2.0 and above
public SQLServerColumnEncryptionAzureKeyVaultProvider(
    TokenCredential tokenCredential) throws SQLServerException;

Note the constructor that uses ExecutorService is included for backwards compatibility and has been marked @deprecated. It is scheduled to be removed in a future stable release. Customers using the first constructor can switch to the new constructor without any change in implementation by removing the second parameter for ExecutorService.

Clone this wiki locally