Package com.mongodb

Class ClientEncryptionSettings

java.lang.Object

com.mongodb.ClientEncryptionSettings

@Deprecated(since="2021-05-27")
public final class ClientEncryptionSettings
extends Object

Deprecated.

Usage of this API is not supported in AEM as a Cloud Service.

The client-side settings for data key creation and explicit encryption.

Explicit encryption/decryption is a community feature, enabled with the new com.mongodb.client.vault.ClientEncryption type, for which this is the settings.

Since:

3.11

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	ClientEncryptionSettings.Builder	Deprecated. Usage of this API is not supported in AEM as a Cloud Service.

Method Summary

Modifier and Type	Method	Description
static ClientEncryptionSettings.Builder	builder()	Deprecated. Convenience method to create a Builder.
MongoClientSettings	getKeyVaultMongoClientSettings()	Deprecated. Gets the key vault settings.
String	getKeyVaultNamespace()	Deprecated. Gets the key vault namespace.
Map<String,Map<String,Object>>	getKmsProviders()	Deprecated. Gets the map of KMS provider properties.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

builder

public static ClientEncryptionSettings.Builder builder()

Deprecated.

Convenience method to create a Builder.

Returns:

a builder

getKeyVaultMongoClientSettings

public MongoClientSettings getKeyVaultMongoClientSettings()

Deprecated.

Gets the key vault settings.

The key vault collection is assumed to reside on the same MongoDB cluster as indicated by the connecting URI. But the optional keyVaultMongoClientSettings can be used to route data key queries to a separate MongoDB cluster, or the same cluster but with a different credential.

Returns:

the key vault settings, which may be null to indicate that the same MongoClient should be used to access the key vault collection as is used for the rest of the application.

getKeyVaultNamespace

public String getKeyVaultNamespace()

Deprecated.

Gets the key vault namespace.

The key vault namespace refers to a collection that contains all data keys used for encryption and decryption (aka the key vault collection). Data keys are stored as documents in a special MongoDB collection. Data keys are protected with encryption by a KMS provider (AWS KMS or a local master key).

Returns:

the key vault namespace, which may not be null

getKmsProviders

public Map<String,Map<String,Object>> getKmsProviders()

Deprecated.

Gets the map of KMS provider properties.

Multiple KMS providers may be specified. Initially, two KMS providers are supported: "aws" and "local". The kmsProviders map values differ by provider:

For "aws", the properties are:

• accessKeyId: a String containing the AWS access key identifier
• secretAccessKey: a String the AWS secret access key

For "local", the properties are:

• key: <byte array of length 96>

Returns:

map of KMS provider properties